From 25fef2e19708a6260297c8486746f764497f8731 Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Fri, 16 Jan 2015 13:39:59 -0800
Subject: [PATCH] Allow shell to read /proc.

Grant shell read access to /proc taken away by
commit: 0d3f7ddc70572382edec58841b3d6262abf49f49

Addresses the following denials encountered when running ps or top.

Bug: 18799966
Change-Id: If764adeade562d884c3d710f1cd1cb34011efe89
---
 shell.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/shell.te b/shell.te
index af4ce0c29..f5b551bb7 100644
--- a/shell.te
+++ b/shell.te
@@ -62,3 +62,7 @@ allow shell kernel:system syslog_read;
 
 # allow shell to list services
 allow shell servicemanager:service_manager list;
+
+# allow shell to look through /proc/ for ps, top
+allow shell domain:dir { search open read getattr };
+allow shell domain:{ file lnk_file } { open read getattr };
-- 
GitLab