logd: permit app access to clear logs

I/auditd(19949): type=1400 audit(0.0:71): avc: denied { write } for comm="logcat" name="logd" dev="tmpfs" ino=5924 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:logd_socket:s0 tclass=sock_file Bug: 17323719 Change-Id: Id8399195196ffad884eef98030d544c68ed0596f

logd: permit app access to clear logs
I/auditd(19949): type=1400 audit(0.0:71): avc: denied { write } for comm="logcat" name="logd" dev="tmpfs" ino=5924 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:logd_socket:s0 tclass=sock_file Bug: 17323719 Change-Id: Id8399195196ffad884eef98030d544c68ed0596f
60f0be84 · Mark Salyzyn · 09eae908 · 60f0be84
Commit 60f0be84 authored 10 years ago by Mark Salyzyn
--- a/app.te
+++ b/app.te
@@ -168,6 +168,7 @@ allow appdomain domain:process getattr;
 # logd access
 read_logd(appdomain)
+control_logd(appdomain)
 # application inherit logd write socket (urge is to deprecate this long term)
 allow appdomain zygote:unix_dgram_socket write;