# chromeos domain | |
type chromeos, chromeos_domain, domain, mlstrustedsubject; | |
net_domain(chromeos) | |
permissive chromeos; | |
domain_auto_trans(cros_init, cros_unconfined_exec, chromeos); | |
domain_auto_trans(cros_init_scripts, cros_unconfined_exec, chromeos); | |
domain_auto_trans(cros_session_manager, cros_unconfined_exec, chromeos); | |
r_dir_file(chromeos, sysfs); | |
allow kernel chromeos:process { share }; | |
allow chromeos kernel:fd { use }; | |
allow chromeos device:chr_file ioctl; | |
allow chromeos proc:file write; |