# qlogd
#
# SELinux type-enforcement rules for the qlogd logging daemon. The domain
# collects shared-memory logs, kernel messages and logd output and writes
# them to /data and to FUSE-backed storage.
#
# NOTE(review): several grants below are far broader than the stated purpose
# (sys_admin, dac_override, in-domain shell execution, writes to generic
# labels). Each is annotated in place; rules are left unchanged because the
# daemon's real requirements are not visible from this file.
type qlogd, domain;
type qlogd_exec, exec_type, file_type;

# make transition from init to its domain
init_daemon_domain(qlogd)

# need to access sharemem log device for smem logs
# (smem_log_device is not declared in this file; presumably defined in the
# vendor device policy -- confirm.)
allow qlogd smem_log_device:chr_file { open read write ioctl };

# need to add more capabilities for qlogd
# NOTE(review): dac_override and dac_read_search bypass DAC permission checks
# on files, and sys_admin covers a very wide set of privileged operations.
# Together with setuid/setgid this is close to unconfined root as far as
# capabilities go. Confirm which of these the daemon actually exercises
# (audit denials with each one removed) and drop the rest.
allow qlogd self:capability { setuid setgid dac_override dac_read_search sys_admin };
# capability2 syslog corresponds to CAP_SYSLOG (privileged kernel-log access).
allow qlogd self:capability2 syslog;

# need to access system_data partitions for configuration files
# NOTE(review): system_data_file is a generic label, so these rules let qlogd
# create and modify any file or directory entry carrying it, not only its own
# configuration. A dedicated type for qlogd's directory (with a matching
# file_contexts entry) would scope this -- TODO confirm the path it uses.
allow qlogd system_data_file:dir { write add_name };
allow qlogd system_data_file:file { open read write create };
# execute_no_trans runs system_file-labelled binaries inside the qlogd domain,
# i.e. with every permission and capability granted in this file.
allow qlogd system_file:file execute_no_trans;

# need to create and listen socket
# NOTE(review): the first rule lets qlogd create socket files under the generic
# socket_device label. If the socket is declared in the service's init entry,
# init normally creates and labels it and this rule may be unnecessary --
# confirm. qlogd_socket is not declared in this file; presumably defined
# elsewhere in the policy.
allow qlogd socket_device:sock_file { create setattr };
allow qlogd qlogd_socket:sock_file { create read write setattr };

# need to start shell execute files
# NOTE(review): execute_no_trans means the shell runs in the qlogd domain with
# no transition, so any script or command it runs inherits the capabilities
# above (including sys_admin and dac_override). Prefer a domain transition to
# a narrower helper domain, or remove shell use from the daemon.
allow qlogd shell_exec:file { execute read open execute_no_trans };

# need to create and write files in fuse partition
# NOTE(review): presumably this is shared/emulated storage; if so, captured
# kernel and logd output written here may be readable by apps holding storage
# access -- confirm where the logs land and who can read them.
allow qlogd fuse:dir { search read write add_name create open };
allow qlogd fuse:file { create read write append open getattr };

# need to capture kmsg
# NOTE(review): syslog_mod appears to cover more than reading (it also gates
# clearing the kernel ring buffer). If qlogd only reads, check whether
# syslog_read is sufficient so a compromised daemon cannot erase kernel logs.
allow qlogd kernel:system syslog_mod;

# need for capture adb logs
# This pair (write on logdr_socket, connectto on logd's stream socket) looks
# like the expansion of the read_logd() macro -- consider using the macro if
# the base policy provides it.
allow qlogd logdr_socket:sock_file write;
allow qlogd logd:unix_stream_socket connectto;