sepolicy/policy/chromeos/cros_parted.te - mirrors/cros/chromiumos/platform2 - Git at Google

 type cros_parted, domain, chromeos_domain;

 domain_auto_trans_nnp(cros_chromeos_install, cros_parted_exec, cros_parted);
 domain_auto_trans_nnp(cros_os_install_service, cros_parted_exec, cros_parted);

 allow cros_parted self:capability sys_admin;

 allow cros_parted {
   cros_chromeos_install
   cros_os_install_service
 }:fd use;
 allow cros_parted {
 cros_chromeos_install
   cros_os_install_service
 }:fifo_file w_file_perms;

 allow cros_parted device:blk_file rw_file_perms;
 allow cros_parted device:lnk_file r_file_perms;
 allow cros_parted proc_swaps:file r_file_perms;
 r_dir_file(cros_parted sysfs);
	type cros_parted, domain, chromeos_domain;

	domain_auto_trans_nnp(cros_chromeos_install, cros_parted_exec, cros_parted);
	domain_auto_trans_nnp(cros_os_install_service, cros_parted_exec, cros_parted);

	allow cros_parted self:capability sys_admin;

	allow cros_parted {
	cros_chromeos_install
	cros_os_install_service
	}:fd use;
	allow cros_parted {
	cros_chromeos_install
	cros_os_install_service
	}:fifo_file w_file_perms;

	allow cros_parted device:blk_file rw_file_perms;
	allow cros_parted device:lnk_file r_file_perms;
	allow cros_parted proc_swaps:file r_file_perms;
	r_dir_file(cros_parted sysfs);