From ca326e2c64f2e3ea0e68809bba9d53cd9627d971 Mon Sep 17 00:00:00 2001
From: repo sync <gcondra@google.com>
Date: Thu, 2 May 2013 13:26:05 -0700
Subject: [PATCH] Add policy for ping.

Change-Id: I168f681d8c67f470b6e639f0b1bf39346c4eb396
---
 file_contexts |  1 +
 ping.te       | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 ping.te

diff --git a/file_contexts b/file_contexts
index 3d885b112..15f9f5998 100644
--- a/file_contexts
+++ b/file_contexts
@@ -148,6 +148,7 @@
 /system/etc/dhcpcd(/.*)? u:object_r:dhcp_system_file:s0
 /system/xbin/su		u:object_r:su_exec:s0
 /system/vendor/bin/gpsd u:object_r:gpsd_exec:s0
+/system/bin/ping    u:object_r:ping_exec:s0
 #############################
 # Vendor files
 #
diff --git a/ping.te b/ping.te
new file mode 100644
index 000000000..5b8bc953b
--- /dev/null
+++ b/ping.te
@@ -0,0 +1,12 @@
+type ping, domain;
+type ping_exec, file_type;
+domain_auto_trans(shell, ping_exec, ping)
+
+allow ping self:capability net_raw;
+allow ping self:rawip_socket create_socket_perms;
+allow ping self:udp_socket create_socket_perms;
+allow ping node:rawip_socket node_bind;
+allow ping dnsproxyd_socket:sock_file write;
+allow ping netd:unix_stream_socket connectto;
+allow ping devpts:chr_file rw_file_perms;
+allow ping shell:fd use;
-- 
GitLab