p-07d policy一覧

1. <kernel>
2. use_profile 3
3. file execute /init exec.realpath="/init" exec.argv[0]="/init"
4. file execute @PER_EXEC_FILE
5. use_group 0
6. <kernel> //./app-user
7. use_profile 3
8. file execute @PER_EXEC_FILE task.euid=10000-4294967295 task.egid=10000-4294967295
9. use_group 0
10. <kernel> //./fclock-user
11. use_profile 3
12. file execute @PER_EXEC_FILE task.euid=4001 task.egid=4001
13. file read /dev/felica_cfg
14. file write /dev/felica_cen
15. file write /dev/felica_cfg
16. use_group 0
17. <kernel> //./felica-user
18. use_profile 3
19. file execute @PER_EXEC_FILE task.euid=4000 task.egid=4000
20. file read /dev/felica
21. file read /system/app/MobileFeliCaClient.odex
22. file write /dev/felica
23. file write /dev/felica_pon
24. use_group 0
25. <kernel> //./felicaCTL-user
26. use_profile 3
27. file execute @PER_EXEC_FILE task.euid=4003 task.egid=4003
28. file read /system/app/FeliCaControl.apk
29. use_group 0
30. <kernel> //./felicaDT-user
31. use_profile 3
32. file execute @PER_EXEC_FILE task.euid=4002 task.egid=4002
33. file read /dev/udlfomf
34. file read /system/app/felicaDT.apk
35. file read /system/app/felicaDT.odex
36. file write /dev/udlfomf
37. use_group 0
38. <kernel> //./iddb-user
39. use_profile 3
40. file execute @PER_EXEC_FILE task.euid=4500 task.egid=4500
41. file read /system/lib/libNormalIDDB_jni.so
42. file read /system/lib/libvanfc.so
43. use_group 0
44. <kernel> //./other-user
45. use_profile 3
46. file execute @PER_EXEC_FILE task.euid=1-999 task.egid=1-999
47. file execute @PER_EXEC_FILE task.euid=1001-3999 task.egid=1001-3999
48. file execute @PER_EXEC_FILE task.euid=4004-4299 task.egid=4004-4299
49. file execute @PER_EXEC_FILE task.euid=4301-4499 task.egid=4301-4499
50. file execute @PER_EXEC_FILE task.euid=4501-9999 task.egid=4501-9999
51. use_group 0
52. <kernel> //./system-user
53. use_profile 3
54. capability use_kernel_module
55. file execute @PER_EXEC_FILE task.euid=1000 task.egid=1000
56. file read /system/lib/libSafetyBox_jni.so
57. file read /system/lib/libSecureIDDB_jni.so
58. file read /system/lib/libvanfc.so
59. file read /system/app/MobileFeliCaClient.odex
60. file read /system/app/felicaDT.apk
61. file read /system/app/felicaDT.odex
62. file read /system/app/FeliCaControl.apk
63. file write /dev/felica_rws
64. use_group 0
65. <kernel> //./taginv-user
66. use_profile 3
67. file execute @PER_EXEC_FILE task.euid=4300 task.egid=4300
68. file read /system/lib/libSecureIDDB_jni.so
69. file read /system/lib/libvanfc.so
70. use_group 0
71. <kernel> /init
72. use_profile 3
73. capability use_kernel_module
74. file chgrp /mnt/.private2/ 0
75. file chmod /system/ 0755
76. file chown /mnt/.private2/ 0
77. file execute /sbin/adbd exec.realpath="/sbin/adbd" exec.argv[0]="/sbin/adbd"
78. file execute /system/bin/anpand exec.realpath="/system/bin/anpand" exec.argv[0]="/system/bin/anpand"
79. file execute /system/bin/app_process exec.realpath="/system/bin/app_process" exec.argv[0]="/system/bin/app_process"
80. file execute /system/bin/debuggerd exec.realpath="/system/bin/debuggerd" exec.argv[0]="/system/bin/debuggerd"
81. file execute /system/bin/felicamdl exec.realpath="/system/bin/felicamdl" exec.argv[0]="/system/bin/felicamdl"
82. file execute /system/bin/installd exec.realpath="/system/bin/installd" exec.argv[0]="/system/bin/installd"
83. file execute /system/bin/rild exec.realpath="/system/bin/rild" exec.argv[0]="/system/bin/rild"
84. file execute /system/bin/rmt_storage exec.realpath="/system/bin/rmt_storage" exec.argv[0]="/system/bin/rmt_storage"
85. file execute /system/bin/sh exec.realpath="/system/bin/mksh" exec.argv[0]="/system/bin/sh"
86. file execute /system/bin/vcrypt_setup.sh exec.realpath="/system/bin/vcrypt_setup.sh" exec.argv[0]="/system/bin/vcrypt_setup.sh"
87. file execute /system/bin/vcryptd exec.realpath="/system/bin/vcryptd" exec.argv[0]="/system/bin/vcryptd"
88. file execute /system/bin/vold exec.realpath="/system/bin/vold" exec.argv[0]="/system/bin/vold"
89. file execute /system/bin/vssd exec.realpath="/system/bin/vssd" exec.argv[0]="/system/bin/vssd"
90. file execute @PER_EXEC_FILE
91. file mkdir /tmp/ 0755
92. file mkdir /mnt/.private2/ 0777
93. file mount /dev/block/mmcblk0p1 /firmware/ vfat 0x1
94. file mount /dev/block/mmcblk0p12 /system/ ext4 0x0
95. file mount /dev/block/mmcblk0p12 /system/ --remount 0x1
96. file mount /dev/block/mmcblk0p13 /data/ ext4 0x6
97. file mount /dev/block/mmcblk0p14 /persist/ ext4 0x6
98. file mount /dev/block/mmcblk0p15 /cache/ ext4 0x6
99. file mount /dev/block/mmcblk0p16 /tombstones/ ext4 0x6
100. file mount /dev/block/mmcblk0p24 /block1/ ext4 0x6
101. file mount /dev/block/mmcblk0p25 /log3/ ext4 0x6
102. file mount /dev/block/mmcblk0p30 /log/ ext4 0x6
103. file mount /dev/block/mmcblk0p31 /fotadelta/ ext4 0x6
104. file mount devpts /dev/pts/ devpts 0x0
105. file mount none /acct/ cgroup 0x0
106. file mount none /dev/cpuctl/ cgroup 0x0
107. file mount proc /proc/ proc 0x0
108. file mount rootfs / --remount 0x1
109. file mount sysfs /sys/ sysfs 0x0
110. file mount tmpfs /data/ tmpfs 0x406
111. file mount tmpfs /dev/ tmpfs 0x2
112. file mount tmpfs /mnt/asec/ tmpfs 0x0
113. file mount tmpfs /mnt/obb/ tmpfs 0x0
114. file mount tmpfs /tmp/ tmpfs 0x0
115. file unmount /data/
116. file read /dev/block/mmcblk0p13
117. file read /dev/block/mmcblk0p28
118. file read /dev/block/mmcblk0p32
119. file read /system/app/FeliCaControl.apk
120. file symlink /.private2 symlink.target="/mnt/.private2"
121. file symlink /d symlink.target="/sys/kernel/debug"
122. file symlink /etc symlink.target="/system/etc"
123. file symlink /private symlink.target="/mnt/private"
124. file symlink /sdcard symlink.target="/mnt/sdcard"
125. file symlink /vendor symlink.target="/system/vendor"
126. file write /dev/block/mmcblk0p13
127. file write /dev/block/mmcblk0p32
128. use_group 0
129. <kernel> /init /sbin/adbd
130. use_profile 3
131. file execute /system/bin/sh exec.realpath="/system/bin/mksh" exec.argv[0]="/system/bin/sh" task.euid=2000
132. file execute @PER_EXEC_FILE task.euid=2000
133. use_group 0
134. <kernel> /init /sbin/adbd /system/bin/sh
135. use_profile 3
136. file execute /system/bin/app_process exec.realpath="/system/bin/app_process" exec.argv[0]="/system/bin/app_process" task.euid=2000
137. file execute @PER_EXEC_FILE task.euid=2000
138. use_group 0
139. <kernel> /init /system/bin/anpand
140. use_profile 3
141. file execute @PER_EXEC_FILE
142. file read /dev/block/mmcblk0p28
143. file read /dev/block/mmcblk0p32
144. file read /dev/mem
145. file write /dev/block/mmcblk0p32
146. file write /dev/mem
147. use_group 0
148. <kernel> /init /system/bin/installd
149. use_profile 3
150. file read /system/app/felicaDT.apk
151. file read /system/app/FeliCaControl.apk
152. file execute @PER_EXEC_FILE
153. use_group 0
154. <kernel> /init /system/bin/rild
155. use_profile 3
156. file execute @PER_EXEC_FILE
157. use_group 0
158. <kernel> /init /system/bin/rmt_storage
159. use_profile 3
160. file execute @PER_EXEC_FILE
161. file read /dev/block/mmcblk0
162. file read /dev/block/mmcblk0p10
163. file read /dev/block/mmcblk0p11
164. file read /dev/block/mmcblk0p19
165. file read /dev/block/mmcblk0p20
166. file read /dev/mem
167. file write /dev/block/mmcblk0p10
168. file write /dev/block/mmcblk0p11
169. file write /dev/block/mmcblk0p19
170. file write /dev/block/mmcblk0p20
171. file write /dev/mem
172. use_group 0
173. <kernel> /init /system/bin/sh
174. use_profile 3
175. file execute @PER_EXEC_FILE
176. file symlink /system/etc/firmware/\*
177. use_group 0
178. <kernel> /init /system/bin/vcrypt_setup.sh
179. use_profile 3
180. file execute /system/bin/mount_crypt exec.realpath="/system/bin/mount_crypt" exec.argv[0]="/system/bin/mount_crypt"
181. file execute @PER_EXEC_FILE
182. use_group 0
183. <kernel> /init /system/bin/vcrypt_setup.sh /system/bin/mount_crypt
184. use_profile 3
185. file execute /system/bin/cryptsetup.backend exec.realpath="/system/bin/cryptsetup.backend" exec.argv[0]="cryptsetup.backend"
186. file execute /system/bin/genpassphrase exec.realpath="/system/bin/genpassphrase" exec.argv[0]="genpassphrase"
187. file execute @PER_EXEC_FILE
188. file mount /dev/mapper/private2 /mnt/.private2/ ext4 0x0
189. file read /system/lib/libvcrypt_be.so
190. file unmount /mnt/.private2/
191. use_group 0
192. <kernel> /init /system/bin/vcrypt_setup.sh /system/bin/mount_crypt /system/bin/cryptsetup.backend
193. use_profile 3
194. file append /mnt/.private2/\*
195. file append /mnt/.private2/\{\*\}/\*
196. file chgrp /mnt/.private2/ @COMMON_ID
197. file chgrp /mnt/.private2/\* @COMMON_ID
198. file chgrp /mnt/.private2/\{\*\}/ @COMMON_ID
199. file chgrp /mnt/.private2/\{\*\}/\* @COMMON_ID
200. file chmod /mnt/.private2/ @COMMON_MODE
201. file chmod /mnt/.private2/\* @COMMON_MODE
202. file chmod /mnt/.private2/\{\*\}/ @COMMON_MODE
203. file chmod /mnt/.private2/\{\*\}/\* @COMMON_MODE
204. file chown /mnt/.private2/ @COMMON_ID
205. file chown /mnt/.private2/\* @COMMON_ID
206. file chown /mnt/.private2/\{\*\}/ @COMMON_ID
207. file chown /mnt/.private2/\{\*\}/\* @COMMON_ID
208. file create /mnt/.private2/\* @COMMON_MODE
209. file create /mnt/.private2/\{\*\}/\* @COMMON_MODE
210. file execute @PER_EXEC_FILE
211. file link /mnt/.private2/\* /mnt/.private2/\*
212. file link /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
213. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
214. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
215. file link /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
216. file mkdir /mnt/.private2/ @COMMON_MODE
217. file mkdir /mnt/.private2/\{\*\}/ @COMMON_MODE
218. file read /dev/block/mmcblk0p23
219. file read /mnt/.private2/
220. file read /mnt/.private2/\*
221. file read /mnt/.private2/\{\*\}/
222. file read /mnt/.private2/\{\*\}/\*
223. file read proc:/nk/vcrypt-be
224. file rename /mnt/.private2/\* /mnt/.private2/\*
225. file rename /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
226. file rename /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
227. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
228. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
229. file rmdir /mnt/.private2/
230. file rmdir /mnt/.private2/\{\*\}/
231. file symlink /mnt/.private2/\*
232. file symlink /mnt/.private2/\{\*\}/\*
233. file truncate /mnt/.private2/\*
234. file truncate /mnt/.private2/\{\*\}/\*
235. file unlink /mnt/.private2/
236. file unlink /mnt/.private2/\*
237. file unlink /mnt/.private2/\{\*\}/
238. file unlink /mnt/.private2/\{\*\}/\*
239. file write /dev/block/mmcblk0p23
240. file write /mnt/.private2/\*
241. file write /mnt/.private2/\{\*\}/\*
242. file write proc:/nk/vcrypt-be
243. use_group 0
244. <kernel> /init /system/bin/vcryptd
245. use_profile 3
246. file execute @PER_EXEC_FILE
247. file mount /dev/mapper/private1 /mnt/private/ ext4 0x0
248. file read /dev/block/mmcblk0p22
249. file read /dev/block/mmcblk0p28
250. file read /dev/block/mmcblk0p32
251. file unmount /mnt/private/
252. file write /dev/block/mmcblk0p22
253. file write /dev/block/mmcblk0p32
254. use_group 0
255. <kernel> /init /system/bin/vold
256. use_profile 3
257. file execute @PER_EXEC_FILE
258. file mount /dev/block/dm-\$ /mnt/asec/\*/ vfat 0x87
259. file mount /dev/block/dm-\$ /mnt/asec/\*/ texfat 0x87
260. file mount /dev/block/dm-\$ /mnt/asec/\*/ vfat 0x8E
261. file mount /dev/block/dm-\$ /mnt/asec/\*/ texfat 0x8E
262. file mount /dev/block/dm-\$ /data/ ext4 0x6
263. file mount /dev/block/dm-\$ /data/tmp_mnt/ ext4 0x1
264. file mount /dev/block/loop\$ /mnt/asec/\*/ --remount 0x87
265. file mount /dev/block/loop\$ /mnt/obb/\*/ vfat 0x87
266. file mount /dev/block/loop\$ /mnt/obb/\*/ texfat 0x87
267. file mount /dev/block/vold/\*:\* /mnt/secure/staging/ vfat 0x8E
268. file mount /dev/block/vold/\*:\* /mnt/secure/staging/ texfat 0x8E
269. file mount /mnt/sdcard/ /mnt/secure/staging/ --move 0x0
270. file mount /mnt/secure/staging/ /mnt/sdcard/ --move 0x0
271. file mount /mnt/secure/staging/.android_secure/ /mnt/secure/asec/ --bind 0x0
272. file mount tmpfs /data/ tmpfs 0x406
273. file mount tmpfs /mnt/secure/staging/.android_secure/ tmpfs 0x1
274. file unmount /data/
275. file unmount /data/tmp_mnt/
276. file unmount /mnt/asec/\*/
277. file unmount /mnt/obb/\*/
278. file unmount /mnt/sdcard/
279. file unmount /mnt/secure/asec/
280. file unmount /mnt/secure/staging/
281. file unmount /mnt/secure/staging/.android_secure/
282. file read /dev/block/mmcblk0p13
283. file write /dev/block/mmcblk0p13
284. use_group 0
285. <kernel> /init /system/bin/vssd
286. use_profile 3
287. file append /mnt/.private2/\*
288. file append /mnt/.private2/\{\*\}/\*
289. file chgrp /mnt/.private2/ @COMMON_ID
290. file chgrp /mnt/.private2/\* @COMMON_ID
291. file chgrp /mnt/.private2/\{\*\}/ @COMMON_ID
292. file chgrp /mnt/.private2/\{\*\}/\* @COMMON_ID
293. file chmod /mnt/.private2/ @COMMON_MODE
294. file chmod /mnt/.private2/\* @COMMON_MODE
295. file chmod /mnt/.private2/\{\*\}/ @COMMON_MODE
296. file chmod /mnt/.private2/\{\*\}/\* @COMMON_MODE
297. file chown /mnt/.private2/ @COMMON_ID
298. file chown /mnt/.private2/\* @COMMON_ID
299. file chown /mnt/.private2/\{\*\}/ @COMMON_ID
300. file chown /mnt/.private2/\{\*\}/\* @COMMON_ID
301. file create /mnt/.private2/\* @COMMON_MODE
302. file create /mnt/.private2/\{\*\}/\* @COMMON_MODE
303. file execute /system/bin/cryptsetup.backend exec.realpath="/system/bin/cryptsetup.backend" exec.argv[0]="cryptsetup.backend"
304. file execute /system/bin/genpassphrase exec.realpath="/system/bin/genpassphrase" exec.argv[0]="genpassphrase"
305. file execute @PER_EXEC_FILE
306. file link /mnt/.private2/\* /mnt/.private2/\*
307. file link /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
308. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
309. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
310. file link /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
311. file mkdir /mnt/.private2/ @COMMON_MODE
312. file mkdir /mnt/.private2/\{\*\}/ @COMMON_MODE
313. file read /mnt/.private2/
314. file read /mnt/.private2/\*
315. file read /mnt/.private2/\{\*\}/
316. file read /mnt/.private2/\{\*\}/\*
317. file read /system/lib/libnfcid.so
318. file read /system/lib/libvcrypt_be.so
319. file read /system/lib/libvssl.so
320. file read proc:/nk/vcrypt-be
321. file rename /mnt/.private2/\* /mnt/.private2/\*
322. file rename /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
323. file rename /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
324. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
325. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
326. file rmdir /mnt/.private2/
327. file rmdir /mnt/.private2/\{\*\}/
328. file symlink /mnt/.private2/\*
329. file symlink /mnt/.private2/\{\*\}/\*
330. file truncate /mnt/.private2/\*
331. file truncate /mnt/.private2/\{\*\}/\*
332. file unlink /mnt/.private2/
333. file unlink /mnt/.private2/\*
334. file unlink /mnt/.private2/\{\*\}/
335. file unlink /mnt/.private2/\{\*\}/\*
336. file write /mnt/.private2/\*
337. file write /mnt/.private2/\{\*\}/\*
338. file write proc:/nk/vcrypt-be
339. use_group 0
340. <kernel> /init /system/bin/vssd /system/bin/cryptsetup.backend
341. use_profile 3
342. file append /mnt/.private2/\*
343. file append /mnt/.private2/\{\*\}/\*
344. file chgrp /mnt/.private2/ @COMMON_ID
345. file chgrp /mnt/.private2/\* @COMMON_ID
346. file chgrp /mnt/.private2/\{\*\}/ @COMMON_ID
347. file chgrp /mnt/.private2/\{\*\}/\* @COMMON_ID
348. file chmod /mnt/.private2/ @COMMON_MODE
349. file chmod /mnt/.private2/\* @COMMON_MODE
350. file chmod /mnt/.private2/\{\*\}/ @COMMON_MODE
351. file chmod /mnt/.private2/\{\*\}/\* @COMMON_MODE
352. file chown /mnt/.private2/ @COMMON_ID
353. file chown /mnt/.private2/\* @COMMON_ID
354. file chown /mnt/.private2/\{\*\}/ @COMMON_ID
355. file chown /mnt/.private2/\{\*\}/\* @COMMON_ID
356. file create /mnt/.private2/\* @COMMON_MODE
357. file create /mnt/.private2/\{\*\}/\* @COMMON_MODE
358. file execute @PER_EXEC_FILE
359. file link /mnt/.private2/\* /mnt/.private2/\*
360. file link /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
361. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
362. file link /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
363. file link /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
364. file mkdir /mnt/.private2/ @COMMON_MODE
365. file mkdir /mnt/.private2/\{\*\}/ @COMMON_MODE
366. file read /dev/block/mmcblk0p23
367. file read /mnt/.private2/
368. file read /mnt/.private2/\*
369. file read /mnt/.private2/\{\*\}/
370. file read /mnt/.private2/\{\*\}/\*
371. file read proc:/nk/vcrypt-be
372. file rename /mnt/.private2/\* /mnt/.private2/\*
373. file rename /mnt/.private2/\* /mnt/.private2/\{\*\}/\*
374. file rename /mnt/.private2/\{\*\}/ /mnt/.private2/\{\*\}/
375. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\*
376. file rename /mnt/.private2/\{\*\}/\* /mnt/.private2/\{\*\}/\*
377. file rmdir /mnt/.private2/
378. file rmdir /mnt/.private2/\{\*\}/
379. file symlink /mnt/.private2/\*
380. file symlink /mnt/.private2/\{\*\}/\*
381. file truncate /mnt/.private2/\*
382. file truncate /mnt/.private2/\{\*\}/\*
383. file unlink /mnt/.private2/
384. file unlink /mnt/.private2/\*
385. file unlink /mnt/.private2/\{\*\}/
386. file unlink /mnt/.private2/\{\*\}/\*
387. file write /dev/block/mmcblk0p23
388. file write /mnt/.private2/\*
389. file write /mnt/.private2/\{\*\}/\*
390. file write proc:/nk/vcrypt-be
391. use_group 0
392. <kernel> /system/bin/app_process
393. use_profile 3
394. file execute /system/bin/dexopt exec.realpath="/system/bin/dexopt" exec.argv[0]="/system/bin/dexopt"
395. file execute @PER_EXEC_FILE
396. use_group 1
397. <kernel> /init /system/bin/debuggerd
398. use_profile 3
399. capability SYS_PTRACE
400. file execute @PER_EXEC_FILE
401. use_group 0
402. <kernel> /init /system/bin/felicamdl
403. use_profile 3
404. file execute @PER_EXEC_FILE
405. file read /dev/felica_interrupt
406. use_group 0
407. <kernel> /system/bin/app_process /system/bin/dexopt
408. use_profile 3
409. file execute @PER_EXEC_FILE
410. use_group 0
411. PROFILE_VERSION=20100903
412. 0-COMMENT=-----Disabled Mode-----
413. 0-PREFERENCE={ max_audit_log=1024 max_learning_entry=2048 enforcing_penalty=0 }
414. 0-CONFIG={ mode=disabled grant_log=yes reject_log=yes }
415. 1-COMMENT=-----Learning Mode-----
416. 1-PREFERENCE={ max_audit_log=1024 max_learning_entry=2048 enforcing_penalty=0 }
417. 1-CONFIG={ mode=disabled grant_log=yes reject_log=yes }
418. 1-CONFIG::file::execute={ mode=learning grant_log=no reject_log=yes }
419. 1-CONFIG::file::open={ mode=learning grant_log=no reject_log=yes }
420. 1-CONFIG::file::symlink={ mode=learning grant_log=no reject_log=yes }
421. 1-CONFIG::file::link={ mode=learning grant_log=no reject_log=yes }
422. 1-CONFIG::file::rename={ mode=learning grant_log=no reject_log=yes }
423. 1-CONFIG::file::chroot={ mode=learning grant_log=no reject_log=yes }
424. 1-CONFIG::file::mount={ mode=learning grant_log=no reject_log=yes }
425. 1-CONFIG::file::unmount={ mode=learning grant_log=no reject_log=yes }
426. 1-CONFIG::file::pivot_root={ mode=learning grant_log=no reject_log=yes }
427. 1-CONFIG::file::create={ mode=learning grant_log=no reject_log=yes }
428. 1-CONFIG::file::unlink={ mode=learning grant_log=no reject_log=yes }
429. 1-CONFIG::file::chown={ mode=learning grant_log=no reject_log=yes }
430. 1-CONFIG::file::chgrp={ mode=learning grant_log=no reject_log=yes }
431. 1-CONFIG::file::chmod={ mode=learning grant_log=no reject_log=yes }
432. 1-CONFIG::file::mkdir={ mode=learning grant_log=no reject_log=yes }
433. 1-CONFIG::file::rmdir={ mode=learning grant_log=no reject_log=yes }
434. 1-CONFIG::file::truncate={ mode=learning grant_log=no reject_log=yes }
435. 1-CONFIG::capability::use_kernel_module={ mode=learning grant_log=no reject_log=yes }
436. 1-CONFIG::capability::SYS_PTRACE={ mode=learning grant_log=no reject_log=yes }
437. 2-COMMENT=-----Permissive Mode-----
438. 2-PREFERENCE={ max_audit_log=1024 max_learning_entry=2048 enforcing_penalty=0 }
439. 2-CONFIG={ mode=disabled grant_log=yes reject_log=yes }
440. 2-CONFIG::file::execute={ mode=permissive grant_log=no reject_log=yes }
441. 2-CONFIG::file::open={ mode=permissive grant_log=no reject_log=yes }
442. 2-CONFIG::file::symlink={ mode=permissive grant_log=no reject_log=yes }
443. 2-CONFIG::file::link={ mode=permissive grant_log=no reject_log=yes }
444. 2-CONFIG::file::rename={ mode=permissive grant_log=no reject_log=yes }
445. 2-CONFIG::file::chroot={ mode=permissive grant_log=no reject_log=yes }
446. 2-CONFIG::file::mount={ mode=permissive grant_log=no reject_log=yes }
447. 2-CONFIG::file::unmount={ mode=permissive grant_log=no reject_log=yes }
448. 2-CONFIG::file::pivot_root={ mode=permissive grant_log=no reject_log=yes }
449. 2-CONFIG::file::create={ mode=permissive grant_log=no reject_log=yes }
450. 2-CONFIG::file::unlink={ mode=permissive grant_log=no reject_log=yes }
451. 2-CONFIG::file::chown={ mode=permissive grant_log=no reject_log=yes }
452. 2-CONFIG::file::chgrp={ mode=permissive grant_log=no reject_log=yes }
453. 2-CONFIG::file::chmod={ mode=permissive grant_log=no reject_log=yes }
454. 2-CONFIG::file::mkdir={ mode=permissive grant_log=no reject_log=yes }
455. 2-CONFIG::file::rmdir={ mode=permissive grant_log=no reject_log=yes }
456. 2-CONFIG::file::truncate={ mode=permissive grant_log=no reject_log=yes }
457. 2-CONFIG::capability::use_kernel_module={ mode=permissive grant_log=no reject_log=yes }
458. 2-CONFIG::capability::SYS_PTRACE={ mode=permissive grant_log=no reject_log=yes }
459. 3-COMMENT=-----Enforcing Mode-----
460. 3-PREFERENCE={ max_audit_log=1024 max_learning_entry=2048 enforcing_penalty=0 }
461. 3-CONFIG={ mode=disabled grant_log=yes reject_log=yes }
462. 3-CONFIG::file::execute={ mode=enforcing grant_log=no reject_log=yes }
463. 3-CONFIG::file::open={ mode=enforcing grant_log=no reject_log=yes }
464. 3-CONFIG::file::symlink={ mode=enforcing grant_log=no reject_log=yes }
465. 3-CONFIG::file::link={ mode=enforcing grant_log=no reject_log=yes }
466. 3-CONFIG::file::rename={ mode=enforcing grant_log=no reject_log=yes }
467. 3-CONFIG::file::chroot={ mode=enforcing grant_log=no reject_log=yes }
468. 3-CONFIG::file::mount={ mode=enforcing grant_log=no reject_log=yes }
469. 3-CONFIG::file::unmount={ mode=enforcing grant_log=no reject_log=yes }
470. 3-CONFIG::file::pivot_root={ mode=enforcing grant_log=no reject_log=yes }
471. 3-CONFIG::file::create={ mode=enforcing grant_log=no reject_log=yes }
472. 3-CONFIG::file::unlink={ mode=enforcing grant_log=no reject_log=yes }
473. 3-CONFIG::file::chown={ mode=enforcing grant_log=no reject_log=yes }
474. 3-CONFIG::file::chgrp={ mode=enforcing grant_log=no reject_log=yes }
475. 3-CONFIG::file::chmod={ mode=enforcing grant_log=no reject_log=yes }
476. 3-CONFIG::file::mkdir={ mode=enforcing grant_log=no reject_log=yes }
477. 3-CONFIG::file::rmdir={ mode=enforcing grant_log=no reject_log=yes }
478. 3-CONFIG::file::truncate={ mode=enforcing grant_log=no reject_log=yes }
479. 3-CONFIG::capability::use_kernel_module={ mode=enforcing grant_log=no reject_log=yes }
480. 3-CONFIG::capability::SYS_PTRACE={ mode=enforcing grant_log=no reject_log=yes }
481. keep_domain any from <kernel> //./app-user
482. keep_domain any from <kernel> //./system-user
483. keep_domain any from <kernel> //./other-user
484. keep_domain any from <kernel> /init
485. no_keep_domain /sbin/adbd from <kernel> /init
486. keep_domain any from <kernel> /init /sbin/adbd
487. no_keep_domain /system/bin/sh from <kernel> /init /sbin/adbd
488. no_keep_domain /system/bin/anpand from <kernel> /init
489. keep_domain any from <kernel> /init /system/bin/anpand
490. no_keep_domain /system/bin/installd from <kernel> /init
491. keep_domain any from <kernel> /init /system/bin/installd
492. no_keep_domain /system/bin/app_process from <kernel> /init
493. no_keep_domain /system/bin/debuggerd from <kernel> /init
494. keep_domain any from <kernel> /init /system/bin/debuggerd
495. no_keep_domain /system/bin/felicamdl from <kernel> /init
496. no_keep_domain /system/bin/rild from <kernel> /init
497. keep_domain any from <kernel> /init /system/bin/rild
498. no_keep_domain /system/bin/rmt_storage from <kernel> /init
499. keep_domain any from <kernel> /init /system/bin/rmt_storage
500. no_keep_domain /system/bin/sh from <kernel> /init
501. no_keep_domain /system/bin/vold from <kernel> /init
502. no_keep_domain /system/bin/vssd from <kernel> /init
503. keep_domain any from <kernel> /init /system/bin/vssd
504. no_keep_domain /system/bin/cryptsetup.backend from <kernel> /init /system/bin/vssd
505. keep_domain any from <kernel> /init /system/bin/vssd /system/bin/cryptsetup.backend
506. no_keep_domain /system/bin/vcryptd from <kernel> /init
507. keep_domain any from <kernel> /init /system/bin/vcryptd
508. no_keep_domain /system/bin/vcrypt_setup.sh from <kernel> /init
509. keep_domain any from <kernel> /init /system/bin/vcrypt_setup.sh
510. no_keep_domain /system/bin/mount_crypt from <kernel> /init /system/bin/vcrypt_setup.sh
511. keep_domain any from <kernel> /init /system/bin/vcrypt_setup.sh /system/bin/mount_crypt
512. no_keep_domain /system/bin/cryptsetup.backend from <kernel> /init /system/bin/vcrypt_setup.sh /system/bin/mount_crypt
513. keep_domain any from <kernel> /init /system/bin/vcrypt_setup.sh /system/bin/mount_crypt /system/bin/cryptsetup.backend
514. keep_domain any from <kernel> /init /sbin/adbd /system/bin/sh
515. no_keep_domain /system/bin/app_process from <kernel> /init /sbin/adbd /system/bin/sh
516. keep_domain any from <kernel> /init /system/bin/sh
517. keep_domain any from <kernel> /init /system/bin/vold
518. initialize_domain /system/bin/app_process from any
519. path_group PER_ANY_DIR /
520. path_group PER_ANY_DIR /\{\*\}/
521. path_group PER_ANY_DIR \*:/
522. path_group PER_ANY_DIR \*:/\{\*\}/
523. path_group PER_EXEC_FILE /\*
524. path_group PER_EXEC_FILE /\{\*\}/\*\-cryptsetup.backend\-genpassphrase
525. path_group PER_LINK_FILE /acct/\*
526. path_group PER_LINK_FILE /acct/\{\*\}/\*
527. path_group PER_LINK_FILE /block1/\*
528. path_group PER_LINK_FILE /block1/\{\*\}/\*
529. path_group PER_LINK_FILE /cache/\*
530. path_group PER_LINK_FILE /cache/\{\*\}/\*
531. path_group PER_LINK_FILE /data/\*
532. path_group PER_LINK_FILE /data/\{\*\}/\*
533. path_group PER_LINK_FILE /dev/\*\-felica\-felica_cen\-felica_cfg\-felica_interrupt\-felica_pon\-felica_rfs\-felica_rws\-kmem\-mem\-udlfomf
534. path_group PER_LINK_FILE /dev/\{\*\}/\*\-mmcblk0\*
535. path_group PER_LINK_FILE /log/\*
536. path_group PER_LINK_FILE /log/\{\*\}/\*
537. path_group PER_LINK_FILE /log3/\*
538. path_group PER_LINK_FILE /log3/\{\*\}/\*
539. path_group PER_LINK_FILE /fotadelta/\*
540. path_group PER_LINK_FILE /fotadelta/\{\*\}/\*
541. path_group PER_LINK_FILE /mnt/\*
542. path_group PER_LINK_FILE /mnt/asec/\*
543. path_group PER_LINK_FILE /mnt/asec/\{\*\}/\*
544. path_group PER_LINK_FILE /mnt/obb/\*
545. path_group PER_LINK_FILE /mnt/obb/\{\*\}/\*
546. path_group PER_LINK_FILE /mnt/private/\*
547. path_group PER_LINK_FILE /mnt/private/\{\*\}/\*
548. path_group PER_LINK_FILE /mnt/sdcard/\*
549. path_group PER_LINK_FILE /mnt/sdcard/\{\*\}/\*
550. path_group PER_LINK_FILE /mnt/secure/\*
551. path_group PER_LINK_FILE /mnt/secure/\{\*\}/\*
552. path_group PER_LINK_FILE /persist/\*
553. path_group PER_LINK_FILE /persist/\{\*\}/\*
554. path_group PER_LINK_FILE /tmp/\*
555. path_group PER_LINK_FILE /tmp/\{\*\}/\*
556. path_group PER_LINK_FILE /tombstones/\*
557. path_group PER_LINK_FILE /tombstones/\{\*\}/\*
558. path_group PER_LINK_FILE debugfs:/\*
559. path_group PER_LINK_FILE debugfs:/\{\*\}/\*
560. path_group PER_LINK_FILE devpts:/\*
561. path_group PER_LINK_FILE devpts:/\{\*\}/\*
562. path_group PER_LINK_FILE proc:/\*
563. path_group PER_LINK_FILE proc:/\{\*\}/\*\-vcrypt-be
564. path_group PER_LINK_FILE sysfs:/\*
565. path_group PER_LINK_FILE sysfs:/\{\*\}/\*
566. path_group PER_LINK_DIR /acct/\{\*\}/
567. path_group PER_LINK_DIR /block1/\{\*\}/
568. path_group PER_LINK_DIR /cache/\{\*\}/
569. path_group PER_LINK_DIR /data/\{\*\}/
570. path_group PER_LINK_DIR /log/\{\*\}/
571. path_group PER_LINK_DIR /log3/\{\*\}/
572. path_group PER_LINK_DIR /fotadelta/\{\*\}/
573. path_group PER_LINK_DIR /mnt/
574. path_group PER_LINK_DIR /mnt/asec/
575. path_group PER_LINK_DIR /mnt/asec/\{\*\}/
576. path_group PER_LINK_DIR /mnt/obb/
577. path_group PER_LINK_DIR /mnt/obb/\{\*\}/
578. path_group PER_LINK_DIR /mnt/private/
579. path_group PER_LINK_DIR /mnt/private/\{\*\}/
580. path_group PER_LINK_DIR /mnt/sdcard/
581. path_group PER_LINK_DIR /mnt/sdcard/\{\*\}/
582. path_group PER_LINK_DIR /mnt/secure/
583. path_group PER_LINK_DIR /mnt/secure/\{\*\}/
584. path_group PER_LINK_DIR /persist/\{\*\}/
585. path_group PER_LINK_DIR /tmp/\{\*\}/
586. path_group PER_LINK_DIR /tombstones/\{\*\}/
587. path_group PER_LINK_DIR \*:/
588. path_group PER_LINK_DIR \*:/\{\*\}/
589. path_group PER_SYMLINK_FILE /acct/\*
590. path_group PER_SYMLINK_FILE /acct/\{\*\}/\*
591. path_group PER_SYMLINK_FILE /block1/\*
592. path_group PER_SYMLINK_FILE /block1/\{\*\}/\*
593. path_group PER_SYMLINK_FILE /cache/\*
594. path_group PER_SYMLINK_FILE /cache/\{\*\}/\*
595. path_group PER_SYMLINK_FILE /data/\*
596. path_group PER_SYMLINK_FILE /data/\{\*\}/\*
597. path_group PER_SYMLINK_FILE /dev/\*
598. path_group PER_SYMLINK_FILE /dev/\{\*\}/\*
599. path_group PER_SYMLINK_FILE /log/\*
600. path_group PER_SYMLINK_FILE /log/\{\*\}/\*
601. path_group PER_SYMLINK_FILE /log3/\*
602. path_group PER_SYMLINK_FILE /log3/\{\*\}/\*
603. path_group PER_SYMLINK_FILE /fotadelta/\*
604. path_group PER_SYMLINK_FILE /fotadelta/\{\*\}/\*
605. path_group PER_SYMLINK_FILE /mnt/\*
606. path_group PER_SYMLINK_FILE /mnt/asec/\*
607. path_group PER_SYMLINK_FILE /mnt/asec/\{\*\}/\*
608. path_group PER_SYMLINK_FILE /mnt/obb/\*
609. path_group PER_SYMLINK_FILE /mnt/obb/\{\*\}/\*
610. path_group PER_SYMLINK_FILE /mnt/private/\*
611. path_group PER_SYMLINK_FILE /mnt/private/\{\*\}/\*
612. path_group PER_SYMLINK_FILE /mnt/sdcard/\*
613. path_group PER_SYMLINK_FILE /mnt/sdcard/\{\*\}/\*
614. path_group PER_SYMLINK_FILE /mnt/secure/\*
615. path_group PER_SYMLINK_FILE /mnt/secure/\{\*\}/\*
616. path_group PER_SYMLINK_FILE /persist/\*
617. path_group PER_SYMLINK_FILE /persist/\{\*\}/\*
618. path_group PER_SYMLINK_FILE /tmp/\*
619. path_group PER_SYMLINK_FILE /tmp/\{\*\}/\*
620. path_group PER_SYMLINK_FILE /tombstones/\*
621. path_group PER_SYMLINK_FILE /tombstones/\{\*\}/\*
622. path_group PER_SYMLINK_FILE debugfs:/\*
623. path_group PER_SYMLINK_FILE debugfs:/\{\*\}/\*
624. path_group PER_SYMLINK_FILE devpts:/\*
625. path_group PER_SYMLINK_FILE devpts:/\{\*\}/\*
626. path_group PER_SYMLINK_FILE proc:/\*
627. path_group PER_SYMLINK_FILE proc:/\{\*\}/\*
628. path_group PER_SYMLINK_FILE sysfs:/\*
629. path_group PER_SYMLINK_FILE sysfs:/\{\*\}/\*
630. path_group PER_READ_FILE /\*
631. path_group PER_READ_FILE /acct/\*
632. path_group PER_READ_FILE /acct/\{\*\}/\*
633. path_group PER_READ_FILE /block1/\*
634. path_group PER_READ_FILE /block1/\{\*\}/\*
635. path_group PER_READ_FILE /cache/\*
636. path_group PER_READ_FILE /cache/\{\*\}/\*
637. path_group PER_READ_FILE /config/\*
638. path_group PER_READ_FILE /config/\{\*\}/\*
639. path_group PER_READ_FILE /data/\*
640. path_group PER_READ_FILE /data/\{\*\}/\*
641. path_group PER_READ_FILE /dev/\*\-felica\-felica_cfg\-felica_interrupt\-felica_pon\-kmem\-mem\-udlfomf
642. path_group PER_READ_FILE /dev/\{\*\}/\*\-mmcblk0\*
643. path_group PER_READ_FILE /firmware/\*
644. path_group PER_READ_FILE /firmware/\{\*\}/\*
645. path_group PER_READ_FILE /log/\*
646. path_group PER_READ_FILE /log/\{\*\}/\*
647. path_group PER_READ_FILE /log3/\*
648. path_group PER_READ_FILE /log3/\{\*\}/\*
649. path_group PER_READ_FILE /fotadelta/\*
650. path_group PER_READ_FILE /fotadelta/\{\*\}/\*
651. path_group PER_READ_FILE /mnt/\*
652. path_group PER_READ_FILE /mnt/asec/\*
653. path_group PER_READ_FILE /mnt/asec/\{\*\}/\*
654. path_group PER_READ_FILE /mnt/obb/\*
655. path_group PER_READ_FILE /mnt/obb/\{\*\}/\*
656. path_group PER_READ_FILE /mnt/private/\*
657. path_group PER_READ_FILE /mnt/private/\{\*\}/\*
658. path_group PER_READ_FILE /mnt/sdcard/\*
659. path_group PER_READ_FILE /mnt/sdcard/\{\*\}/\*
660. path_group PER_READ_FILE /mnt/secure/\*
661. path_group PER_READ_FILE /mnt/secure/\{\*\}/\*
662. path_group PER_READ_FILE /persist/\*
663. path_group PER_READ_FILE /persist/\{\*\}/\*
664. path_group PER_READ_FILE /res/\*
665. path_group PER_READ_FILE /res/\{\*\}/\*
666. path_group PER_READ_FILE /root/\*
667. path_group PER_READ_FILE /root/\{\*\}/\*
668. path_group PER_READ_FILE /sbin/\*\-ccs-init\-ccs-file
669. path_group PER_READ_FILE /sbin/\{\*\}/\*
670. path_group PER_READ_FILE /system/\*
671. path_group PER_READ_FILE /system/\{\*\}/\*\-libSecureIDDB_jni.so\-libSafetyBox_jni.so\-libNormalIDDB_jni.so\-libvanfc.so\-libvssl.so\-libvcrypt_be.so\-libnfcid.so\-MobileFeliCaClient.odex\-data_app_fn.zip\-felicaDT.apk\-felicaDT.odex\-FeliCaControl.apk
672. path_group PER_READ_FILE /tmp/\*
673. path_group PER_READ_FILE /tmp/\{\*\}/\*
674. path_group PER_READ_FILE /tombstones/\*
675. path_group PER_READ_FILE /tombstones/\{\*\}/\*
676. path_group PER_READ_FILE debugfs:/\*
677. path_group PER_READ_FILE debugfs:/\{\*\}/\*
678. path_group PER_READ_FILE devpts:/\*
679. path_group PER_READ_FILE devpts:/\{\*\}/\*
680. path_group PER_READ_FILE proc:/\*
681. path_group PER_READ_FILE proc:/\{\*\}/\*\-vcrypt-be
682. path_group PER_READ_FILE sysfs:/\*
683. path_group PER_READ_FILE sysfs:/\{\*\}/\*
684. path_group PER_RENAME_DIR /acct/\{\*\}/
685. path_group PER_RENAME_DIR /block1/\{\*\}/
686. path_group PER_RENAME_DIR /cache/\{\*\}/
687. path_group PER_RENAME_DIR /data/\{\*\}/
688. path_group PER_RENAME_DIR /log/\{\*\}/
689. path_group PER_RENAME_DIR /log3/\{\*\}/
690. path_group PER_RENAME_DIR /fotadelta/\{\*\}/
691. path_group PER_RENAME_DIR /mnt/
692. path_group PER_RENAME_DIR /mnt/asec/
693. path_group PER_RENAME_DIR /mnt/asec/\{\*\}/
694. path_group PER_RENAME_DIR /mnt/obb/
695. path_group PER_RENAME_DIR /mnt/obb/\{\*\}/
696. path_group PER_RENAME_DIR /mnt/private/
697. path_group PER_RENAME_DIR /mnt/private/\{\*\}/
698. path_group PER_RENAME_DIR /mnt/sdcard/
699. path_group PER_RENAME_DIR /mnt/sdcard/\{\*\}/
700. path_group PER_RENAME_DIR /mnt/secure/
701. path_group PER_RENAME_DIR /mnt/secure/\{\*\}/
702. path_group PER_RENAME_DIR /persist/\{\*\}/
703. path_group PER_RENAME_DIR /tmp/\{\*\}/
704. path_group PER_RENAME_DIR /tombstones/\{\*\}/
705. path_group PER_RENAME_FILE /acct/\*
706. path_group PER_RENAME_FILE /acct/\{\*\}/\*
707. path_group PER_RENAME_FILE /block1/\*
708. path_group PER_RENAME_FILE /block1/\{\*\}/\*
709. path_group PER_RENAME_FILE /cache/\*
710. path_group PER_RENAME_FILE /cache/\{\*\}/\*
711. path_group PER_RENAME_FILE /data/\*
712. path_group PER_RENAME_FILE /data/\{\*\}/\*
713. path_group PER_RENAME_FILE /log/\*
714. path_group PER_RENAME_FILE /log/\{\*\}/\*
715. path_group PER_RENAME_FILE /log3/\*
716. path_group PER_RENAME_FILE /log3/\{\*\}/\*
717. path_group PER_RENAME_FILE /fotadelta/\*
718. path_group PER_RENAME_FILE /fotadelta/\{\*\}/\*
719. path_group PER_RENAME_FILE /mnt/\*
720. path_group PER_RENAME_FILE /mnt/asec/\*
721. path_group PER_RENAME_FILE /mnt/asec/\{\*\}/\*
722. path_group PER_RENAME_FILE /mnt/obb/\*
723. path_group PER_RENAME_FILE /mnt/obb/\{\*\}/\*
724. path_group PER_RENAME_FILE /mnt/private/\*
725. path_group PER_RENAME_FILE /mnt/private/\{\*\}/\*
726. path_group PER_RENAME_FILE /mnt/sdcard/\*
727. path_group PER_RENAME_FILE /mnt/sdcard/\{\*\}/\*
728. path_group PER_RENAME_FILE /mnt/secure/\*
729. path_group PER_RENAME_FILE /mnt/secure/\{\*\}/\*
730. path_group PER_RENAME_FILE /persist/\*
731. path_group PER_RENAME_FILE /persist/\{\*\}/\*
732. path_group PER_RENAME_FILE /tmp/\*
733. path_group PER_RENAME_FILE /tmp/\{\*\}/\*
734. path_group PER_RENAME_FILE /tombstones/\*
735. path_group PER_RENAME_FILE /tombstones/\{\*\}/\*
736. path_group PER_WRITE_FILE /acct/\*
737. path_group PER_WRITE_FILE /acct/\{\*\}/\*
738. path_group PER_WRITE_FILE /block1/\*
739. path_group PER_WRITE_FILE /block1/\{\*\}/\*
740. path_group PER_WRITE_FILE /cache/\*
741. path_group PER_WRITE_FILE /cache/\{\*\}/\*
742. path_group PER_WRITE_FILE /data/\*
743. path_group PER_WRITE_FILE /data/\{\*\}/\*
744. path_group PER_WRITE_FILE /dev/\*\-felica\-felica_cen\-felica_cfg\-felica_interrupt\-felica_pon\-felica_rfs\-felica_rws\-kmem\-mem\-udlfomf
745. path_group PER_WRITE_FILE /dev/\{\*\}/\*\-mmcblk0\*
746. path_group PER_WRITE_FILE /log/\*
747. path_group PER_WRITE_FILE /log/\{\*\}/\*
748. path_group PER_WRITE_FILE /log3/\*
749. path_group PER_WRITE_FILE /log3/\{\*\}/\*
750. path_group PER_WRITE_FILE /fotadelta/\*
751. path_group PER_WRITE_FILE /fotadelta/\{\*\}/\*
752. path_group PER_WRITE_FILE /mnt/\*
753. path_group PER_WRITE_FILE /mnt/asec/\*
754. path_group PER_WRITE_FILE /mnt/asec/\{\*\}/\*
755. path_group PER_WRITE_FILE /mnt/obb/\*
756. path_group PER_WRITE_FILE /mnt/obb/\{\*\}/\*
757. path_group PER_WRITE_FILE /mnt/private/\*
758. path_group PER_WRITE_FILE /mnt/private/\{\*\}/\*
759. path_group PER_WRITE_FILE /mnt/sdcard/\*
760. path_group PER_WRITE_FILE /mnt/sdcard/\{\*\}/\*
761. path_group PER_WRITE_FILE /mnt/secure/\*
762. path_group PER_WRITE_FILE /mnt/secure/\{\*\}/\*
763. path_group PER_WRITE_FILE /persist/\*
764. path_group PER_WRITE_FILE /persist/\{\*\}/\*
765. path_group PER_WRITE_FILE /tmp/\*
766. path_group PER_WRITE_FILE /tmp/\{\*\}/\*
767. path_group PER_WRITE_FILE /tombstones/\*
768. path_group PER_WRITE_FILE /tombstones/\{\*\}/\*
769. path_group PER_WRITE_FILE debugfs:/\*
770. path_group PER_WRITE_FILE debugfs:/\{\*\}/\*
771. path_group PER_WRITE_FILE devpts:/\*
772. path_group PER_WRITE_FILE devpts:/\{\*\}/\*
773. path_group PER_WRITE_FILE proc:/\*
774. path_group PER_WRITE_FILE proc:/\{\*\}/\*\-vcrypt-be
775. path_group PER_WRITE_FILE sysfs:/\*
776. path_group PER_WRITE_FILE sysfs:/\{\*\}/\*
777. path_group PER_COMMON_DIR \*:/
778. path_group PER_COMMON_DIR \*:/\{\*\}/
779. path_group PER_COMMON_DIR /
780. path_group PER_COMMON_DIR /acct/
781. path_group PER_COMMON_DIR /acct/\{\*\}/
782. path_group PER_COMMON_DIR /block1/
783. path_group PER_COMMON_DIR /block1/\{\*\}/
784. path_group PER_COMMON_DIR /cache/
785. path_group PER_COMMON_DIR /cache/\{\*\}/
786. path_group PER_COMMON_DIR /config/
787. path_group PER_COMMON_DIR /config/\{\*\}/
788. path_group PER_COMMON_DIR /data/
789. path_group PER_COMMON_DIR /data/\{\*\}/
790. path_group PER_COMMON_DIR /dev/
791. path_group PER_COMMON_DIR /dev/\{\*\}/
792. path_group PER_COMMON_DIR /firmware/
793. path_group PER_COMMON_DIR /firmware/\{\*\}/
794. path_group PER_COMMON_DIR /log/
795. path_group PER_COMMON_DIR /log/\{\*\}/
796. path_group PER_COMMON_DIR /log3/
797. path_group PER_COMMON_DIR /log3/\{\*\}/
798. path_group PER_COMMON_DIR /fotadelta/
799. path_group PER_COMMON_DIR /fotadelta/\{\*\}/
800. path_group PER_COMMON_DIR /mnt/
801. path_group PER_COMMON_DIR /mnt/asec/
802. path_group PER_COMMON_DIR /mnt/asec/\{\*\}/
803. path_group PER_COMMON_DIR /mnt/obb/
804. path_group PER_COMMON_DIR /mnt/obb/\{\*\}/
805. path_group PER_COMMON_DIR /mnt/private/
806. path_group PER_COMMON_DIR /mnt/private/\{\*\}/
807. path_group PER_COMMON_DIR /mnt/sdcard/
808. path_group PER_COMMON_DIR /mnt/sdcard/\{\*\}/
809. path_group PER_COMMON_DIR /mnt/secure/
810. path_group PER_COMMON_DIR /mnt/secure/\{\*\}/
811. path_group PER_COMMON_DIR /persist/
812. path_group PER_COMMON_DIR /persist/\{\*\}/
813. path_group PER_COMMON_DIR /res/
814. path_group PER_COMMON_DIR /res/\{\*\}/
815. path_group PER_COMMON_DIR /root/
816. path_group PER_COMMON_DIR /root/\{\*\}/
817. path_group PER_COMMON_DIR /sbin/
818. path_group PER_COMMON_DIR /sbin/\{\*\}/
819. path_group PER_COMMON_DIR /system/
820. path_group PER_COMMON_DIR /system/\{\*\}/
821. path_group PER_COMMON_DIR /tmp/
822. path_group PER_COMMON_DIR /tmp/\{\*\}/
823. path_group PER_COMMON_DIR /tombstones/
824. path_group PER_COMMON_DIR /tombstones/\{\*\}/
825. path_group PER_COMMON_FILE \*:/\*
826. path_group PER_COMMON_FILE \*:/\{\*\}/\*
827. path_group PER_COMMON_FILE /\*
828. path_group PER_COMMON_FILE /acct/\*
829. path_group PER_COMMON_FILE /acct/\{\*\}/\*
830. path_group PER_COMMON_FILE /block1/\*
831. path_group PER_COMMON_FILE /block1/\{\*\}/\*
832. path_group PER_COMMON_FILE /cache/\*
833. path_group PER_COMMON_FILE /cache/\{\*\}/\*
834. path_group PER_COMMON_FILE /config/\*
835. path_group PER_COMMON_FILE /config/\{\*\}/\*
836. path_group PER_COMMON_FILE /data/\*
837. path_group PER_COMMON_FILE /data/\{\*\}/\*
838. path_group PER_COMMON_FILE /dev/\*
839. path_group PER_COMMON_FILE /dev/\{\*\}/\*
840. path_group PER_COMMON_FILE /firmware/\*
841. path_group PER_COMMON_FILE /firmware/\{\*\}/\*
842. path_group PER_COMMON_FILE /log/\*
843. path_group PER_COMMON_FILE /log/\{\*\}/\*
844. path_group PER_COMMON_FILE /log3/\*
845. path_group PER_COMMON_FILE /log3/\{\*\}/\*
846. path_group PER_COMMON_FILE /fotadelta/\*
847. path_group PER_COMMON_FILE /fotadelta/\{\*\}/\*
848. path_group PER_COMMON_FILE /mnt/\*
849. path_group PER_COMMON_FILE /mnt/asec/\*
850. path_group PER_COMMON_FILE /mnt/asec/\{\*\}/\*
851. path_group PER_COMMON_FILE /mnt/obb/\*
852. path_group PER_COMMON_FILE /mnt/obb/\{\*\}/\*
853. path_group PER_COMMON_FILE /mnt/private/\*
854. path_group PER_COMMON_FILE /mnt/private/\{\*\}/\*
855. path_group PER_COMMON_FILE /mnt/sdcard/\*
856. path_group PER_COMMON_FILE /mnt/sdcard/\{\*\}/\*
857. path_group PER_COMMON_FILE /mnt/secure/\*
858. path_group PER_COMMON_FILE /mnt/secure/\{\*\}/\*
859. path_group PER_COMMON_FILE /persist/\*
860. path_group PER_COMMON_FILE /persist/\{\*\}/\*
861. path_group PER_COMMON_FILE /res/\*
862. path_group PER_COMMON_FILE /res/\{\*\}/\*
863. path_group PER_COMMON_FILE /root/\*
864. path_group PER_COMMON_FILE /root/\{\*\}/\*
865. path_group PER_COMMON_FILE /sbin/\*
866. path_group PER_COMMON_FILE /sbin/\{\*\}/\*
867. path_group PER_COMMON_FILE /system/\*
868. path_group PER_COMMON_FILE /system/\{\*\}/\*
869. path_group PER_COMMON_FILE /tmp/\*
870. path_group PER_COMMON_FILE /tmp/\{\*\}/\*
871. path_group PER_COMMON_FILE /tombstones/\*
872. path_group PER_COMMON_FILE /tombstones/\{\*\}/\*
873. number_group COMMON_MODE 0-07777
874. number_group COMMON_ID 0-4294967295
875. acl_group 0 file read @PER_READ_FILE
876. acl_group 0 file read @PER_ANY_DIR
877. acl_group 0 file rename @PER_RENAME_DIR @PER_RENAME_DIR
878. acl_group 0 file rename @PER_RENAME_FILE @PER_RENAME_FILE
879. acl_group 0 file write/append @PER_WRITE_FILE
880. acl_group 0 file link @PER_LINK_FILE @PER_LINK_FILE
881. acl_group 0 file link @PER_LINK_DIR @PER_LINK_DIR
882. acl_group 0 file symlink @PER_SYMLINK_FILE
883. acl_group 0 file create @PER_COMMON_FILE @COMMON_MODE
884. acl_group 0 file unlink @PER_COMMON_DIR
885. acl_group 0 file unlink @PER_COMMON_FILE
886. acl_group 0 file chown @PER_COMMON_DIR @COMMON_ID
887. acl_group 0 file chown @PER_COMMON_FILE @COMMON_ID
888. acl_group 0 file chgrp @PER_COMMON_DIR @COMMON_ID
889. acl_group 0 file chgrp @PER_COMMON_FILE @COMMON_ID
890. acl_group 0 file chmod @PER_COMMON_DIR @COMMON_MODE
891. acl_group 0 file chmod @PER_COMMON_FILE @COMMON_MODE
892. acl_group 0 file mkdir @PER_COMMON_DIR @COMMON_MODE
893. acl_group 0 file rmdir @PER_COMMON_DIR
894. acl_group 0 file truncate @PER_COMMON_FILE
895. acl_group 1 file read @PER_READ_FILE
896. acl_group 1 file read @PER_ANY_DIR
897. acl_group 1 file rename @PER_RENAME_DIR @PER_RENAME_DIR
898. acl_group 1 file rename @PER_RENAME_FILE @PER_RENAME_FILE
899. acl_group 1 file write/append @PER_WRITE_FILE
900. acl_group 1 file link @PER_LINK_FILE @PER_LINK_FILE
901. acl_group 1 file link @PER_LINK_DIR @PER_LINK_DIR
902. acl_group 1 file symlink @PER_SYMLINK_FILE
903. acl_group 1 file create @PER_COMMON_FILE @COMMON_MODE
904. acl_group 1 file unlink @PER_COMMON_DIR
905. acl_group 1 file unlink @PER_COMMON_FILE
906. acl_group 1 file chown @PER_COMMON_DIR @COMMON_ID
907. acl_group 1 file chown @PER_COMMON_FILE @COMMON_ID
908. acl_group 1 file chgrp @PER_COMMON_DIR @COMMON_ID
909. acl_group 1 file chgrp @PER_COMMON_FILE @COMMON_ID
910. acl_group 1 file chmod @PER_COMMON_DIR @COMMON_MODE
911. acl_group 1 file chmod @PER_COMMON_FILE @COMMON_MODE
912. acl_group 1 file mkdir @PER_COMMON_DIR @COMMON_MODE
913. acl_group 1 file rmdir @PER_COMMON_DIR
914. acl_group 1 file truncate @PER_COMMON_FILE
915. acl_group 1 task auto_domain_transition <kernel> //./other-user task.gid=1-999
916. acl_group 1 task auto_domain_transition <kernel> //./other-user task.uid=1-999
917. acl_group 1 task auto_domain_transition <kernel> //./system-user task.gid=1000
918. acl_group 1 task auto_domain_transition <kernel> //./system-user task.uid=1000
919. acl_group 1 task auto_domain_transition <kernel> //./other-user task.gid=1001-3999
920. acl_group 1 task auto_domain_transition <kernel> //./other-user task.uid=1001-3999
921. acl_group 1 task auto_domain_transition <kernel> //./felica-user task.gid=4000
922. acl_group 1 task auto_domain_transition <kernel> //./felica-user task.uid=4000
923. acl_group 1 task auto_domain_transition <kernel> //./fclock-user task.gid=4001
924. acl_group 1 task auto_domain_transition <kernel> //./fclock-user task.uid=4001
925. acl_group 1 task auto_domain_transition <kernel> //./felicaDT-user task.gid=4002
926. acl_group 1 task auto_domain_transition <kernel> //./felicaDT-user task.uid=4002
927. acl_group 1 task auto_domain_transition <kernel> //./felicaCTL-user task.gid=4003
928. acl_group 1 task auto_domain_transition <kernel> //./felicaCTL-user task.uid=4003
929. acl_group 1 task auto_domain_transition <kernel> //./other-user task.gid=4004-4299
930. acl_group 1 task auto_domain_transition <kernel> //./other-user task.uid=4004-4299
931. acl_group 1 task auto_domain_transition <kernel> //./taginv-user task.gid=4300
932. acl_group 1 task auto_domain_transition <kernel> //./taginv-user task.uid=4300
933. acl_group 1 task auto_domain_transition <kernel> //./other-user task.gid=4301-4499
934. acl_group 1 task auto_domain_transition <kernel> //./other-user task.uid=4301-4499
935. acl_group 1 task auto_domain_transition <kernel> //./iddb-user task.gid=4500
936. acl_group 1 task auto_domain_transition <kernel> //./iddb-user task.uid=4500
937. acl_group 1 task auto_domain_transition <kernel> //./other-user task.gid=4501-9999
938. acl_group 1 task auto_domain_transition <kernel> //./other-user task.uid=4501-9999
939. acl_group 1 task auto_domain_transition <kernel> //./app-user task.gid=10000-4294967295
940. acl_group 1 task auto_domain_transition <kernel> //./app-user task.uid=10000-4294967295