binkybear · August 29, 2015 14:12
diff --git a/gistfile1.txt b/gistfile1.txt
 supolicy --live \
 	"allow install_recovery system_data_file file { execute_no_trans setattr read create write ioctl unlink open}" \
 	"allow install_recovery system_data_file sock_file { setattr unlink create write }" \
 	"allow install_recovery fuse dir { mounton setattr }" \
 	"allow install_recovery proc filesystem { mount }" \
 	"allow install_recovery rootfs dir { mounton setattr mount }" \
 	"allow install_recovery tmpfs dir { create add_name mounton setattr write}" \
 	"allow init_shell sysfs filesystem { mount }" \
 	"allow install_recovery system_data_file dir { remove_name add_name write }" \
 	"allow init_shell init_shell rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
 	"allow install_recovery install_recovery rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
 	"allow init_shell init_shell udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
 	"allow install_recovery install_recovery udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
 	"allow install_recovery node udp_socket { node_bind name_bind }" \
 	"allow install_recovery port udp_socket { node_bind name_bind }" \
 	"allow init_shell init_shell tcp_socket { bind read setopt getopt create write getattr listen ioctl connect}" \
 	"allow install_recovery install_recovery netlink_socket { read write create setopt bind getattr read write}" \
 	"allow install_recovery install_recovery netlink_route_socket { read write create setopt bind getattr read write nlmsg_write }" \
 	"allow install_recovery install_recovery process { signull }" \
 	"allow install_recovery proc_net file { write }" \
 	"allow install_recovery ssr dir { search }" \
 	"allow install_recovery ssr file { open read }" \
 	"allow install_recovery untrusted_app process { signull }" \
 	"allow install_recovery untrusted_app_devpts chr_file { ioctl write getattr open }" \
 	"allow install_recovery device chr_file { ioctl read write getattr open }" \
 	"allow install_recovery dhcp dir { open read }" \
 	"allow install_recovery su file { open read }" \
 	"allow install_recovery su dir { open read search }" \
 	"allow install_recovery system_app file { open read search }" \
 	"allow install_recovery system_app dir { open read  }" \
 	"allow install_recovery platform_app file { open read search }" \
 	"allow install_recovery radio dir { open read search }" \
 	"allow install_recovery system_data_file file { rename link unlink append }" \
 	"allow install_recovery install_recovery packet_socket { create setopt bind read write setopt getopt }" \
 	"allow init_shell init_shell packet_socket { create setopt bind read write setopt getopt }" \
 	"allow install_recovery install_recovery capability { net_bind_service net_admin fsetid net_raw sys_chroot setgid setuid kill }" \
 	"allow init_shell init_shell capability { dac_override net_bind_service net_admin net_raw sys_chroot setgid setuid }"
	supolicy --live \
	"allow install_recovery system_data_file file { execute_no_trans setattr read create write ioctl unlink open}" \
	"allow install_recovery system_data_file sock_file { setattr unlink create write }" \
	"allow install_recovery fuse dir { mounton setattr }" \
	"allow install_recovery proc filesystem { mount }" \
	"allow install_recovery rootfs dir { mounton setattr mount }" \
	"allow install_recovery tmpfs dir { create add_name mounton setattr write}" \
	"allow init_shell sysfs filesystem { mount }" \
	"allow install_recovery system_data_file dir { remove_name add_name write }" \
	"allow init_shell init_shell rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
	"allow install_recovery install_recovery rawip_socket { bind read setopt getopt create write ioctl getattr listen connect }" \
	"allow init_shell init_shell udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
	"allow install_recovery install_recovery udp_socket { bind read setopt getopt create write ioctl getattr listen connect node_bind name_bind }" \
	"allow install_recovery node udp_socket { node_bind name_bind }" \
	"allow install_recovery port udp_socket { node_bind name_bind }" \
	"allow init_shell init_shell tcp_socket { bind read setopt getopt create write getattr listen ioctl connect}" \
	"allow install_recovery install_recovery netlink_socket { read write create setopt bind getattr read write}" \
	"allow install_recovery install_recovery netlink_route_socket { read write create setopt bind getattr read write nlmsg_write }" \
	"allow install_recovery install_recovery process { signull }" \
	"allow install_recovery proc_net file { write }" \
	"allow install_recovery ssr dir { search }" \
	"allow install_recovery ssr file { open read }" \
	"allow install_recovery untrusted_app process { signull }" \
	"allow install_recovery untrusted_app_devpts chr_file { ioctl write getattr open }" \
	"allow install_recovery device chr_file { ioctl read write getattr open }" \
	"allow install_recovery dhcp dir { open read }" \
	"allow install_recovery su file { open read }" \
	"allow install_recovery su dir { open read search }" \
	"allow install_recovery system_app file { open read search }" \
	"allow install_recovery system_app dir { open read }" \
	"allow install_recovery platform_app file { open read search }" \
	"allow install_recovery radio dir { open read search }" \
	"allow install_recovery system_data_file file { rename link unlink append }" \
	"allow install_recovery install_recovery packet_socket { create setopt bind read write setopt getopt }" \
	"allow init_shell init_shell packet_socket { create setopt bind read write setopt getopt }" \
	"allow install_recovery install_recovery capability { net_bind_service net_admin fsetid net_raw sys_chroot setgid setuid kill }" \
	"allow init_shell init_shell capability { dac_override net_bind_service net_admin net_raw sys_chroot setgid setuid }"