Allow shell serial_device read-write access

When starting the emulator, the system console writes entries to /dev/ttyS2. We need to allow the writes, otherwise this generates denials when you run "emulator -verbose -logcat '*:v' -show-kernel" Addresses the following denial: type=1400 audit(1395076594.320:446): avc: denied { read write } for pid=5600 comm="sh" path="/dev/ttyS2" dev="tmpfs" ino=1487 scontext=u:r:shell:s0 tcontext=u:object_r:serial_device:s0 tclass=chr_file Bug: 13506702 Change-Id: I3729537cabb0bf8e8b2905d3def43a293bb1081f
author: Nick Kralevich <nnk@google.com> 2014-03-18 15:17:35 -0700
committer: Nick Kralevich <nnk@google.com> 2014-03-18 15:17:35 -0700
commit: b20966f803e18c4cfbeb46af784fc2a553dd21b2 (patch)
tree: 4a88fc55ba79fcd1d965405e2be26e83b372b4f6 /target/board/generic/sepolicy
parent: 1cda15d3234a502ba7332b56a7bbecca228731cf (diff)
download: build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.zip
build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.gz
build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/target/board/generic/sepolicy/shell.te b/target/board/generic/sepolicy/shell.te
new file mode 100644
index 0000000..b246d7e
--- /dev/null
+++ b/target/board/generic/sepolicy/shell.te
@@ -0,0 +1 @@
+allow shell serial_device:chr_file rw_file_perms;
author	Nick Kralevich <nnk@google.com>	2014-03-18 15:17:35 -0700
committer	Nick Kralevich <nnk@google.com>	2014-03-18 15:17:35 -0700
commit	b20966f803e18c4cfbeb46af784fc2a553dd21b2 (patch)
tree	4a88fc55ba79fcd1d965405e2be26e83b372b4f6 /target/board/generic/sepolicy
parent	1cda15d3234a502ba7332b56a7bbecca228731cf (diff)
download	build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.zip build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.gz build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.bz2