@binkybear
Last active August 29, 2015 14:12
supolicy test mana-simple
# Applies the "mana-simple" test rule set to the SELinux policy with one
# `supolicy --live` call. Every rule below has install_recovery or init_shell
# as its source domain. The rule strings are handed to supolicy in the same
# order and with the same text as a single backslash-continued command would
# pass them.
#
# NOTE(review): --live is understood to patch the policy currently loaded in
# the kernel rather than a policy file on disk -- confirm against the supolicy
# build in use before relying on a reboot to undo these rules.
# NOTE(review): the set is broad (dac_override, setuid/setgid, net_admin,
# net_raw, raw and packet sockets, mounton). A tighter set can be derived by
# keeping only the rules that match avc denials logged while the workload runs.
apply_mana_simple_rules() {
  # Positional parameters are local to the function call, so building the
  # argument list here leaves the caller's "$@" untouched.
  set --

  # File and socket-file access under system_data_file.
  set -- "$@" \
    "allow install_recovery system_data_file file { execute_no_trans setattr read create write ioctl unlink open}" \
    "allow install_recovery system_data_file sock_file { setattr unlink create write }"

  # Mount-related rules.
  # NOTE(review): `mount` is a filesystem-class permission in the reference
  # policy but appears under class dir in the rootfs rule; how supolicy treats
  # that combination is not visible here.
  set -- "$@" \
    "allow install_recovery fuse dir { mounton setattr }" \
    "allow install_recovery proc filesystem { mount }" \
    "allow install_recovery rootfs dir { mounton setattr mount }" \
    "allow install_recovery tmpfs dir { create add_name mounton setattr write}" \
    "allow init_shell sysfs filesystem { mount }"

  # Directory entry changes under system_data_file.
  set -- "$@" \
    "allow install_recovery system_data_file dir { remove_name add_name write }"

  # Raw IP, UDP and TCP sockets for both domains.
  set -- "$@" \
    "allow init_shell init_shell rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
    "allow install_recovery install_recovery rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
    "allow init_shell init_shell udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
    "allow install_recovery install_recovery udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
    "allow install_recovery node udp_socket { node_bind name_bind }" \
    "allow install_recovery port udp_socket { node_bind name_bind }" \
    "allow init_shell init_shell tcp_socket { bind read setopt getopt create write getattr listen ioctl connect}"

  # Netlink sockets. `read write` is listed twice in each rule; kept verbatim.
  set -- "$@" \
    "allow install_recovery install_recovery netlink_socket { read write create setopt bind getattr read write}" \
    "allow install_recovery install_recovery netlink_route_socket { read write create setopt bind getattr read write nlmsg_write }"

  # Process signalling and access to objects labelled with other types.
  # NOTE(review): `search` is a dir-class permission in the reference policy
  # but is listed under class file in the system_app and platform_app rules;
  # how supolicy treats that combination is not visible here.
  set -- "$@" \
    "allow install_recovery install_recovery process { signull }" \
    "allow install_recovery proc_net file { write }" \
    "allow install_recovery ssr dir { search }" \
    "allow install_recovery ssr file { open read }" \
    "allow install_recovery untrusted_app process { signull }" \
    "allow install_recovery untrusted_app_devpts chr_file { ioctl write getattr open }" \
    "allow install_recovery device chr_file { ioctl read write getattr open }" \
    "allow install_recovery dhcp dir { open read }" \
    "allow install_recovery su file { open read }" \
    "allow install_recovery su dir { open read search }" \
    "allow install_recovery system_app file { open read search }" \
    "allow install_recovery system_app dir { open read }" \
    "allow install_recovery platform_app file { open read search }" \
    "allow install_recovery radio dir { open read search }" \
    "allow install_recovery system_data_file file { rename link unlink append }"

  # Packet sockets. `setopt` is listed twice in each rule; kept verbatim.
  set -- "$@" \
    "allow install_recovery install_recovery packet_socket { create setopt bind read write setopt getopt }" \
    "allow init_shell init_shell packet_socket { create setopt bind read write setopt getopt }"

  # Capabilities. Only the init_shell rule includes dac_override; only the
  # install_recovery rule includes fsetid and kill.
  set -- "$@" \
    "allow install_recovery install_recovery capability { net_bind_service net_admin fsetid net_raw sys_chroot setgid setuid kill }" \
    "allow init_shell init_shell capability { dac_override net_bind_service net_admin net_raw sys_chroot setgid setuid }"

  # The function's exit status is supolicy's exit status.
  supolicy --live "$@"
}

apply_mana_simple_rules