policy_module(sigrok, 1.0.0) ######################################## # # Declarations # attribute_role sigrok_roles; roleattribute system_r sigrok_roles; type sigrok_t; type sigrok_exec_t; userdom_user_application_domain(sigrok_t, sigrok_exec_t) role sigrok_roles types sigrok_t; ######################################## # # Local policy # allow sigrok_t self:fifo_file rw_fifo_file_perms; allow sigrok_t self:netlink_kobject_uevent_socket create_socket_perms; allow sigrok_t self:tcp_socket create_socket_perms; corenet_tcp_connect_all_unreserved_ports(sigrok_t) dev_getattr_sysfs_dirs(sigrok_t) dev_read_sysfs(sigrok_t) dev_rw_generic_usb_dev(sigrok_t) files_read_etc_files(sigrok_t) term_use_unallocated_ttys(sigrok_t) userdom_use_user_ptys(sigrok_t) optional_policy(` udev_read_runtime_files(sigrok_t) ')