# Policy for usf daemons
type usf, domain;
type usf_exec, exec_type, file_type;

# Started by init
init_daemon_domain(usf)
net_domain(usf)

# Ultrasound device
allow usf usf_device:chr_file rw_file_perms;

# Audio
allow usf audio_data_file:sock_file write;
allow usf mediaserver:unix_stream_socket connectto;
allow usf audio_data_file:dir r_dir_perms;
allow usf audio_device:chr_file rw_file_perms;
allow usf proc_audiod:file r_file_perms;
allow usf audio_device:dir r_dir_perms;

# Data files and persist storage
allow usf usf_data_file:dir rw_dir_perms;
allow usf usf_data_file:{ file sock_file fifo_file } create_file_perms;
allow usf usf_data_file:lnk_file r_file_perms;
r_dir_file(usf, persist_file)
r_dir_file(usf, persist_usf_file)

# Properties
allow usf { ctl_default_prop usf_prop }:property_service set;

# Sockets
unix_socket_connect(usf, property, init);