type bullhead-sh, domain, device_domain_deprecated;
type bullhead-sh_exec, exec_type, file_type;

# Started by init
init_daemon_domain(bullhead-sh)

# Access to /data/misc/radio/*
allow bullhead-sh radio_data_file:file create_file_perms;
allow bullhead-sh radio_data_file:dir create_dir_perms;

# Chwon /data/misc/radio/modem_config
allow bullhead-sh self:capability chown;

# Copy /firmware/image/modem_pr/mcfg/configs/ to /data/misc/radio/*
allow bullhead-sh firmware_file:file r_file_perms;
allow bullhead-sh firmware_file:dir r_dir_perms;

allow bullhead-sh shell_exec:file r_file_perms;

# execute toybox/toolbox
allow bullhead-sh toolbox_exec:file rx_file_perms;