#DESC cpucontrol - domain for microcode_ctl and other programs to control CPU
#
# Author:  Russell Coker <russell@coker.com.au>
#

type cpucontrol_conf_t, file_type, sysadmfile;

daemon_base_domain(cpucontrol)

# Access cpu devices.
allow cpucontrol_t cpu_device_t:chr_file rw_file_perms;
allow cpucontrol_t device_t:lnk_file { getattr read };
allow initrc_t cpu_device_t:chr_file getattr;

allow cpucontrol_t self:capability sys_rawio;

r_dir_file(cpucontrol_t, cpucontrol_conf_t)