| typeattribute init coredomain; |
| |
| tmpfs_domain(init) |
| |
| # Transitions to seclabel processes in init.rc |
| domain_trans(init, rootfs, charger) |
| domain_trans(init, rootfs, healthd) |
| domain_trans(init, rootfs, slideshow) |
| domain_auto_trans(init, e2fs_exec, e2fs) |
| recovery_only(` |
| domain_trans(init, rootfs, adbd) |
| domain_trans(init, rootfs, fastbootd) |
| domain_trans(init, rootfs, recovery) |
| ') |
| domain_trans(init, shell_exec, shell) |
| domain_trans(init, init_exec, ueventd) |
| domain_trans(init, init_exec, vendor_init) |
| domain_trans(init, { rootfs toolbox_exec }, modprobe) |
| userdebug_or_eng(` |
| # case where logpersistd is actually logcat -f in logd context (nee: logcatd) |
| domain_auto_trans(init, logcat_exec, logpersist) |
| |
| # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng |
| allow init su:process transition; |
| dontaudit init su:process noatsecure; |
| allow init su:process { siginh rlimitinh }; |
| ') |