Add permissions back to app / shell domains

am: 8ff6a86d * commit '8ff6a86d': Add permissions back to app / shell domains

Add permissions back to app / shell domains
am: 8ff6a86d * commit '8ff6a86d': Add permissions back to app / shell domains
f7a0cc51 · Nick Kralevich · android-build-merger · 781a4bed · 8ff6a86d · f7a0cc51
Commit f7a0cc51 authored 9 years ago by Nick Kralevich Committed by android-build-merger 9 years ago
--- a/app.te
+++ b/app.te
@@ -29,6 +29,16 @@ allow appdomain zygote:process sigchld;
 allow appdomain cgroup:dir { search write };
 allow appdomain cgroup:file w_file_perms;
+# Read /data/dalvik-cache.
+allow appdomain dalvikcache_data_file:dir { search getattr };
+allow appdomain dalvikcache_data_file:file r_file_perms;
+# Read the /sdcard symlink
+allow appdomain rootfs:lnk_file r_file_perms;
+# Search /storage/emulated tmpfs mount.
+allow appdomain tmpfs:dir r_dir_perms;
 userdebug_or_eng(`
  # Notify zygote of the wrapped process PID when using --invoke-with.
  allow appdomain zygote:fifo_file write;

--- a/shell.te
+++ b/shell.te
@@ -25,6 +25,9 @@ userdebug_or_eng(`
 allow shell adbd:fd use;
 allow shell adbd:unix_stream_socket { read write ioctl getattr };
+# Root fs.
+allow shell rootfs:dir r_dir_perms;
 # read files in /data/anr
 allow shell anr_data_file:dir r_dir_perms;
 allow shell anr_data_file:file r_file_perms;