From 668d8e4c33270fe5d264fc2845d16db812587b0e Mon Sep 17 00:00:00 2001
From: kongdian <kongdian@huawei.com>
Date: Fri, 12 Sep 2025 09:55:51 +0800
Subject: [PATCH] DH warmup selinux change

Signed-off-by: kongdian <kongdian@huawei.com>
---
 sepolicy/base/public/domain.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/base/public/domain.te b/sepolicy/base/public/domain.te
index 4fc2fa1ed..4301d0e9f 100644
--- a/sepolicy/base/public/domain.te
+++ b/sepolicy/base/public/domain.te
@@ -314,7 +314,7 @@ neverallow * self:{ capability cap_userns } ipc_owner;
 neverallow { domain -cap_violator_sysmodule } self:{ capability cap_userns } sys_module;
 neverallow { domain -init -chipset_init -cap_violator_sysrawio} self:{ capability cap_userns } sys_rawio;
 neverallow { domain -init -chipset_init -appspawn -rgm_violator_ohos_capability_syschroot } self:{ capability cap_userns } sys_chroot;
-neverallow { domain -appspawn -hiview -hidumper_service -memmgrservice -storage_daemon -hiprofiler_cmd -hiprofiler_plugins -native_daemon -hiperf
+neverallow { domain -appspawn -hiview -ohos_hmos_fusion_manager -hidumper_service -memmgrservice -storage_daemon -hiprofiler_cmd -hiprofiler_plugins -native_daemon -hiperf
     -foundation -cap_violator_sysptrace debug_only(`-hiebpf') -SP_daemon -rgm_violator_ohos_capability_sysptrace developer_only(`-test_server') } self:{ capability cap_userns } sys_ptrace;
 neverallow * self:{ capability cap_userns } sys_pacct;
 neverallow { domain -kernel -init -chipset_init -storage_daemon -installs -appspawn -nwebspawn -nativespawn -cjappspawn -netsysnative -file_guard_server debug_only(`-hiprofiler_plugins -hiebpf') updater_only(`-updater') -rgm_violator_ohos_capability_sysadmin -rgm_violator_cap_sysadmin -module_update_service -prerogative_app -backup_sa } self:{ capability cap_userns } sys_admin;
-- 
Gitee