policy_module(cpufreqselector, 1.5.0) ######################################## # # Declarations # type cpufreqselector_t; type cpufreqselector_exec_t; init_daemon_domain(cpufreqselector_t, cpufreqselector_exec_t) ######################################## # # Local policy # allow cpufreqselector_t self:capability { sys_nice sys_ptrace }; allow cpufreqselector_t self:process getsched; allow cpufreqselector_t self:fifo_file rw_fifo_file_perms; kernel_read_system_state(cpufreqselector_t) files_read_etc_files(cpufreqselector_t) files_read_usr_files(cpufreqselector_t) dev_rw_sysfs(cpufreqselector_t) miscfiles_read_localization(cpufreqselector_t) userdom_read_all_users_state(cpufreqselector_t) userdom_dontaudit_search_user_home_dirs(cpufreqselector_t) optional_policy(` dbus_system_domain(cpufreqselector_t, cpufreqselector_exec_t) optional_policy(` consolekit_dbus_chat(cpufreqselector_t) ') optional_policy(` policykit_dbus_chat(cpufreqselector_t) ') ') optional_policy(` nscd_dontaudit_search_runtime(cpufreqselector_t) ') optional_policy(` policykit_domtrans_auth(cpufreqselector_t) policykit_read_lib(cpufreqselector_t) policykit_read_reload(cpufreqselector_t) ')