API tools faq
paste
kasual

ls990 (LG G3) LineageOS 15.0 sepolicy

kasual
Dec 3rd, 2017
173
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.27 KB | None | 0 0
raw download clone embed print report
  1. $ adb shell su -c dmesg | grep denied | audit2allow -p out/target/product/ls990/root/sepolicy
  2.  
  3. #============= blkid_untrusted ==============
  4. allow blkid_untrusted sysfs:file { getattr open read };
  5.  
  6. #============= bluetooth ==============
  7. allow bluetooth self:capability2 0x8;
  8.  
  9. #============= bootstat ==============
  10. allow bootstat sysfs:file { getattr open read };
  11.  
  12. #============= fsck ==============
  13. allow fsck block_device:blk_file { ioctl open read write };
  14.  
  15. #============= hal_allocator_default ==============
  16. allow hal_allocator_default sysfs:file { getattr open read };
  17.  
  18. #============= hal_bluetooth_default ==============
  19. allow hal_bluetooth_default bluetooth_data_file:file { open read };
  20. allow hal_bluetooth_default firmware_file:dir { open read };
  21. allow hal_bluetooth_default firmware_file:file { open read };
  22. allow hal_bluetooth_default proc:file { open write };
  23. allow hal_bluetooth_default sysfs:file write;
  24.  
  25. #============= hal_wifi_default ==============
  26. allow hal_wifi_default sysfs:file write;
  27.  
  28. #============= hal_wifi_supplicant_default ==============
  29. allow hal_wifi_supplicant_default device:chr_file { open read };
  30.  
  31. #============= hwservicemanager ==============
  32. allow hwservicemanager sysfs:file { getattr open read };
  33.  
  34. #============= init ==============
  35. allow init device_latency:chr_file write;
  36. allow init netd:unix_stream_socket connectto;
  37. allow init netd_socket:sock_file write;
  38. allow init qmuxd_socket:sock_file write;
  39. allow init rtc_device:chr_file ioctl;
  40. allow init self:netlink_kobject_uevent_socket { bind create read setopt };
  41. allow init self:netlink_route_socket { bind create read };
  42. allow init self:netlink_socket { bind create write };
  43. allow init self:netlink_xfrm_socket { bind create };
  44. allow init self:rawip_socket { create getopt setopt };
  45. allow init self:socket { bind create ioctl read write };
  46. allow init self:udp_socket ioctl;
  47. allow init sensors_device:chr_file ioctl;
  48. allow init sensors_persist_file:file append;
  49. allow init shell_exec:file execute_no_trans;
  50. allow init smd_device:chr_file { ioctl write };
  51. allow init socket_device:sock_file { create getattr setattr write };
  52. allow init thermal_device:chr_file ioctl;
  53. allow init uio_device:chr_file write;
  54. allow init video_device:chr_file { ioctl write };
  55.  
  56. #============= logd ==============
  57. allow logd sysfs:file { getattr open read };
  58.  
  59. #============= nfc ==============
  60. allow nfc sysfs:dir { open read };
  61.  
  62. #============= priv_app ==============
  63. allow priv_app device:dir { open read };
  64. allow priv_app proc_interrupts:file { open read };
  65.  
  66. #============= radio ==============
  67. allow radio qmuxd_socket:sock_file write;
  68. allow radio system_app_data_file:dir getattr;
  69.  
  70. #============= sgdisk ==============
  71. allow sgdisk sysfs:file { getattr open read };
  72.  
  73. #============= shell ==============
  74. allow shell sysfs:file { getattr open read };
  75.  
  76. #============= system_server ==============
  77. allow system_server alarm_boot_prop:file { getattr open };
  78. allow system_server persist_file:dir write;
  79. allow system_server qmuxd_socket:dir { add_name write };
  80. allow system_server qmuxd_socket:sock_file { create write };
  81. allow system_server sensors_device:chr_file getattr;
  82. allow system_server socket_device:sock_file write;
  83.  
  84. #============= toolbox ==============
  85. allow toolbox block_device:blk_file { open read };
  86. allow toolbox init:fifo_file { getattr read write };
  87. allow toolbox init:unix_stream_socket connectto;
  88. allow toolbox property_socket:sock_file write;
  89. allow toolbox radio_prop:property_service\x0a set;
  90. allow toolbox sensors_prop:property_service\x0a set;
  91. allow toolbox smem_log_device:chr_file { read write };
  92. allow toolbox sysfs:file { getattr open read };
  93.  
  94. #============= tzdatacheck ==============
  95. allow tzdatacheck sysfs:file { getattr open read };
  96.  
  97. #============= ueventd ==============
  98. allow ueventd vfat:file { getattr open read };
  99.  
  100. #============= untrusted_app ==============
  101. allow untrusted_app sysfs:file { getattr open read };
  102. allow untrusted_app untrusted_app_devpts:chr_file ioctl;
  103.  
  104. #============= untrusted_app_25 ==============
  105. allow untrusted_app_25 sysfs:file { getattr open read };
  106.  
  107. #============= vdc ==============
  108. allow vdc sysfs:file { getattr open read };
  109.  
  110. #============= webview_zygote ==============
  111. allow webview_zygote sysfs:file { getattr open read };
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!