Revert "Ensure only com.android.shell can run in the shell domain."

The following error is occurring on master: 10-23 16:24:24.785 shell 4884 4884 E SELinux : seapp_context_lookup: No match for app with uid 2000, seinfo platform, name com.google.android.traceur 10-23 16:24:24.785 shell 4884 4884 E SELinux : selinux_android_setcontext: Error setting context for app with uid 2000, seinfo platform:targetSdkVersion=23:complete: Success 10-23 16:24:24.785 shell 4884 4884 E Zygote : selinux_android_setcontext(2000, 0, "platform:targetSdkVersion=23:complete", "com.google.android.traceur") failed 10-23 16:24:24.785 shell 4884 4884 F zygote64: jni_internal.cc:593] JNI FatalError called: frameworks/base/core/jni/com_android_internal_os_Zygote.cpp:648: selinux_android_setcontext failed 10-23 16:24:24.818 shell 4884 4884 F zygote64: runtime.cc:535] Runtime aborting... Bug: 68126425 Bug: 68032516 This reverts commit 714ee5f2. Change-Id: I7356c4e4facb1e532bfdeb575acf2d83761a0852

Revert "Ensure only com.android.shell can run in the shell domain."
The following error is occurring on master: 10-23 16:24:24.785 shell 4884 4884 E SELinux : seapp_context_lookup: No match for app with uid 2000, seinfo platform, name com.google.android.traceur 10-23 16:24:24.785 shell 4884 4884 E SELinux : selinux_android_setcontext: Error setting context for app with uid 2000, seinfo platform:targetSdkVersion=23:complete: Success 10-23 16:24:24.785 shell 4884 4884 E Zygote : selinux_android_setcontext(2000, 0, "platform:targetSdkVersion=23:complete", "com.google.android.traceur") failed 10-23 16:24:24.785 shell 4884 4884 F zygote64: jni_internal.cc:593] JNI FatalError called: frameworks/base/core/jni/com_android_internal_os_Zygote.cpp:648: selinux_android_setcontext failed 10-23 16:24:24.818 shell 4884 4884 F zygote64: runtime.cc:535] Runtime aborting... Bug: 68126425 Bug: 68032516 This reverts commit 714ee5f2. Change-Id: I7356c4e4facb1e532bfdeb575acf2d83761a0852
bf0c2a59 · Nick Kralevich · 714ee5f2 · bf0c2a59
Commit bf0c2a59 authored 7 years ago by Nick Kralevich
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -91,10 +91,6 @@ neverallow user=((?!_isolated).)* domain=isolated_app
 # uid's can be in shell domain
 neverallow user=shell domain=((?!shell).)*
-# only the package named com.android.shell can run in the shell domain
-neverallow domain=shell name=((?!com\.android\.shell).)*
-neverallow user=shell name=((?!com\.android\.shell).)*
 # Ephemeral Apps must run in the ephemeral_app domain
 neverallow isEphemeralApp=true domain=((?!ephemeral_app).)*
@@ -104,7 +100,7 @@ user=bluetooth seinfo=platform domain=bluetooth type=bluetooth_data_file
 user=nfc seinfo=platform domain=nfc type=nfc_data_file
 user=radio seinfo=platform domain=radio type=radio_data_file
 user=shared_relro domain=shared_relro
-user=shell seinfo=platform domain=shell name=com.android.shell type=shell_data_file
+user=shell seinfo=platform domain=shell type=shell_data_file
 user=_isolated domain=isolated_app levelFrom=user
 user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
 user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user