b2fb9cdace
Copy selinux policy for tcp dump binary from previous Pixel to support TCP logging on P21 through PixelLogger. Bug: 184777243 Test: Check PixelLogger TCP dump works. Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
18 lines
761 B
Text
18 lines
761 B
Text
type tcpdump_logger, domain;
|
|
type tcpdump_logger_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
userdebug_or_eng(`
|
|
# make transition from init to its domain
|
|
init_daemon_domain(tcpdump_logger)
|
|
|
|
allow tcpdump_logger self:capability net_raw;
|
|
allow tcpdump_logger self:packet_socket create_socket_perms;
|
|
allowxperm tcpdump_logger self:packet_socket ioctl 0x8933;
|
|
allow tcpdump_logger tcpdump_exec:file rx_file_perms;
|
|
allow tcpdump_logger tcpdump_vendor_data_file:dir create_dir_perms;
|
|
allow tcpdump_logger tcpdump_vendor_data_file:file create_file_perms;
|
|
allow tcpdump_logger radio_vendor_data_file:file create_file_perms;
|
|
allow tcpdump_logger radio_vendor_data_file:dir create_dir_perms;
|
|
|
|
set_prop(tcpdump_logger, vendor_tcpdump_log_prop)
|
|
')
|