1*e4a36f41SAndroid Build Coastguard Workertypeattribute incident_helper coredomain; 2*e4a36f41SAndroid Build Coastguard Worker 3*e4a36f41SAndroid Build Coastguard Workertype incident_helper_exec, system_file_type, exec_type, file_type; 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Worker# switch to incident_helper domain for incident_helper command 6*e4a36f41SAndroid Build Coastguard Workerdomain_auto_trans(incidentd, incident_helper_exec, incident_helper) 7*e4a36f41SAndroid Build Coastguard Worker 8*e4a36f41SAndroid Build Coastguard Worker# use pipe to transmit data from/to incidentd/incident_helper for parsing 9*e4a36f41SAndroid Build Coastguard Workerallow incident_helper { shell incident incidentd dumpstate }:fd use; 10*e4a36f41SAndroid Build Coastguard Workerallow incident_helper { shell incident incidentd dumpstate }:fifo_file { getattr read write }; 11*e4a36f41SAndroid Build Coastguard Workerallow incident_helper incidentd:unix_stream_socket { read write }; 12*e4a36f41SAndroid Build Coastguard Worker 13*e4a36f41SAndroid Build Coastguard Worker# only allow incidentd and shell to call incident_helper 14*e4a36f41SAndroid Build Coastguard Workerneverallow { domain -incidentd -incident_helper -shell } incident_helper_exec:file { execute execute_no_trans }; 15