domain.te: Temporarily work around debuggerd connection bug

For some reason, the debuggerd socket isn't getting properly labeled. Work around this bug for now by allowing all domains to connect to all unix stream sockets. Bug: 9858255 Change-Id: If994e51b0201ea8cae46341efc76dc71a4e577c8
author: Nick Kralevich <nnk@google.com> 2013-07-15 11:41:24 -0700
committer: Nick Kralevich <nnk@google.com> 2013-07-15 12:31:31 -0700
commit: 5919d1c86a2a1fea52f840ab30709048bd63f1f5 (patch)
tree: 8ec97426e49fe8814e6e9f5719cf2f42f2583f63
parent: 748fdef626d1dda2a0a727ea35d85d04363f5307 (diff)
download: sepolicy-5919d1c86a2a1fea52f840ab30709048bd63f1f5.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/domain.te b/domain.te
index 4cf20ea..ed519d4 100644
--- a/domain.te
+++ b/domain.te
@@ -30,9 +30,14 @@ allow domain adbd:unix_stream_socket connectto;
 allow domain adbd:fd use;
 allow domain adbd:unix_stream_socket { getattr read write shutdown };
 
-# Talk to debuggerd.
+###
+### Talk to debuggerd.
+###
 allow domain debuggerd:process sigchld;
 allow domain debuggerd:unix_stream_socket connectto;
+# b/9858255 - debuggerd sockets are not getting properly labeled.
+# TODO: Remove this temporary workaround.
+allow domain init:unix_stream_socket connectto;
 
 # Root fs.
 allow domain rootfs:dir r_dir_perms;
author	Nick Kralevich <nnk@google.com>	2013-07-15 11:41:24 -0700
committer	Nick Kralevich <nnk@google.com>	2013-07-15 12:31:31 -0700
commit	5919d1c86a2a1fea52f840ab30709048bd63f1f5 (patch)
tree	8ec97426e49fe8814e6e9f5719cf2f42f2583f63
parent	748fdef626d1dda2a0a727ea35d85d04363f5307 (diff)
download	sepolicy-5919d1c86a2a1fea52f840ab30709048bd63f1f5.tar.gz