From bc19050cdd0178bc43faa588acc1875ae5c0af2c Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Sun, 15 Dec 2013 19:04:09 -0800
Subject: [PATCH] put netd into net_domain

This addresses the review comments from
https://android-review.googlesource.com/#/c/69855/

Change-Id: I4d4633db711695c7f959b60f247772b0ac67931f
---
 netd.te | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/netd.te b/netd.te
index 938fc686b..72784da8b 100644
--- a/netd.te
+++ b/netd.te
@@ -3,15 +3,13 @@ type netd, domain;
 type netd_exec, exec_type, file_type;
 
 init_daemon_domain(netd)
+net_domain(netd)
+
 allow netd self:capability { net_admin net_raw kill fsetid };
 allow netd self:netlink_kobject_uevent_socket *;
 allow netd self:netlink_route_socket *;
 allow netd self:netlink_nflog_socket *;
 allow netd self:rawip_socket *;
-allow netd self:{ tcp_socket udp_socket } *;
-allow netd node:{ tcp_socket udp_socket } node_bind;
-allow netd port:{ tcp_socket udp_socket } name_bind;
-allow netd port:tcp_socket name_connect;
 allow netd self:unix_stream_socket *;
 allow netd shell_exec:file rx_file_perms;
 allow netd system_file:file x_file_perms;
-- 
GitLab