1# A wrapper program that configures the process and executes a command. 2type art_exec, domain, coredomain; 3type art_exec_exec, system_file_type, exec_type, file_type; 4 5# Usually, this program is executed in the caller's domain. For example, it is 6# executed in the `artd` domain when artd calls it. Domain transition will take 7# place as soon as it executes other programs. 8# The only exception is when called by init. In this case, it's executed in its 9# own domain because init should never execute a program without changing to 10# another domain. 11init_daemon_domain(art_exec) 12 13# init calls this program to execute artd in a chroot environment for Pre-reboot 14# Dexopt. 15domain_auto_trans(art_exec, artd_exec, artd) 16 17# "sys_chroot" is for chroot'ing into the chroot environment, created by 18# dexopt_chroot_setup. 19allow art_exec self:global_capability_class_set sys_chroot; 20 21# Allow finding artd in the chroot dir for Pre-reboot Dexopt. 22allow art_exec pre_reboot_dexopt_file:dir search; 23