Explicitly allow netd to take the iptables lock.
This was previously relying on domain_deprecated rules deleted in change I588a1e7ea7ef984907b79a5a391efb2dcd6e6431. Bug: 28760354 Test: unbreaks networking on AOSP bullhead Change-Id: I873e1f08f72104dee7509e45b1db0b284ca56085
This commit is contained in:
Lorenzo Colitti
parent
509923116f
commit
9273c1bb5c
1 changed files with 3 additions and 0 deletions
|
|
@ -51,6 +51,9 @@ allow netd net_data_file:file create_file_perms;
|
|||
allow netd net_data_file:dir rw_dir_perms;
|
||||
allow netd self:capability fowner;
|
||||
|
||||
# Needed to lock the iptables lock.
|
||||
allow netd system_file:file lock;
|
||||
|
||||
# Allow netd to spawn dnsmasq in it's own domain
|
||||
allow netd dnsmasq:process signal;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue