| type cros_chromeos_postinst, domain, chromeos_domain; |
| |
| domain_auto_trans_nnp(cros_chromeos_install, cros_chromeos_postinst_exec, cros_chromeos_postinst); |
| |
| allow cros_chromeos_postinst self:capability { sys_admin sys_chroot }; |
| |
| allow cros_chromeos_postinst { |
| cros_chromeos_install |
| cros_os_install_service |
| }:fd use; |
| allow cros_chromeos_postinst cros_os_install_service:fifo_file write; |
| |
| allow cros_chromeos_postinst { |
| cros_coreutils_exec |
| cros_mount_exec |
| cros_umount_exec |
| sh_exec |
| }:file rx_file_perms; |
| |
| allow cros_chromeos_postinst { |
| cros_stateful_partition |
| sysfs |
| unlabeled |
| }:dir r_dir_perms; |
| |
| allow cros_chromeos_postinst cros_run:dir w_dir_perms; |
| allow cros_chromeos_postinst device:{ blk_file lnk_file } r_file_perms; |
| |
| allow cros_chromeos_postinst { |
| cros_run |
| cros_stateful_partition |
| cros_var |
| device |
| rootfs |
| sysfs |
| tmpfs |
| unlabeled |
| }:dir mounton; |
| |
| allow cros_chromeos_postinst { |
| device |
| labeledfs |
| proc |
| tmpfs |
| sysfs |
| }:filesystem unmount; |
| |
| # Special handling for permissions that conflict with CTS neverallow |
| # rules. This makes the policy permissive when used with the ARC |
| # container, but not when used with ARCVM. The two branches should be |
| # kept in sync. |
| is_arc_vm(` |
| allow cros_chromeos_postinst proc:dir mounton; |
| ',`arc_cts_fails_release(` |
| allow cros_chromeos_postinst proc:dir mounton; |
| ', (`cros_chromeos_postinst')); |
| ') |