Fix clatd, broken by selinux policing /dev/tun
Bug: 10175701 Change-Id: I185df22bdbaafd56725760ec6c71340b67455046
This commit is contained in:
Lorenzo Colitti
parent
32c0dbd212
commit
ab7dfabb61
3 changed files with 13 additions and 0 deletions
8
clatd.te
Normal file
8
clatd.te
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# 464xlat daemon
|
||||
type clatd, domain;
|
||||
permissive clatd;
|
||||
type clatd_exec, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(clatd)
|
||||
net_domain(clatd)
|
||||
unconfined_domain(clatd)
|
||||
|
|
@ -151,6 +151,7 @@
|
|||
/system/bin/ping u:object_r:ping_exec:s0
|
||||
/system/bin/dnsmasq u:object_r:dnsmasq_exec:s0
|
||||
/system/bin/hostapd u:object_r:hostapd_exec:s0
|
||||
/system/bin/clatd u:object_r:clatd_exec:s0
|
||||
#############################
|
||||
# Vendor files
|
||||
#
|
||||
|
|
|
|||
4
netd.te
4
netd.te
|
|
@ -47,6 +47,10 @@ allow netd hostapd:process signal;
|
|||
domain_auto_trans(netd, dnsmasq_exec, dnsmasq)
|
||||
allow netd dnsmasq:process signal;
|
||||
|
||||
# Allow netd to start clatd in its own domain
|
||||
domain_auto_trans(netd, clatd_exec, clatd)
|
||||
allow netd clatd:process signal;
|
||||
|
||||
# Support netd running mdnsd
|
||||
# TODO: prune this back further
|
||||
allow netd ctl_default_prop:property_service set;
|
||||
|
|
|
|||
Loading…
Reference in a new issue