policy_module(sensord, 1.4.0) ######################################## # # Declarations # type sensord_t; type sensord_exec_t; init_daemon_domain(sensord_t, sensord_exec_t) type sensord_initrc_exec_t; init_script_file(sensord_initrc_exec_t) type sensord_runtime_t alias sensord_var_run_t; files_pid_file(sensord_runtime_t) ######################################## # # Local policy # allow sensord_t self:fifo_file rw_fifo_file_perms; allow sensord_t self:unix_stream_socket create_stream_socket_perms; manage_files_pattern(sensord_t, sensord_runtime_t, sensord_runtime_t) files_pid_filetrans(sensord_t, sensord_runtime_t, file) dev_read_sysfs(sensord_t) files_read_etc_files(sensord_t) logging_send_syslog_msg(sensord_t) miscfiles_read_localization(sensord_t)