shell.te: Allow read access to system_file

Certain tests depend on the ability to examine directories in /system. Allow it to the shell user. Addresses the following denials: avc: denied { read } for name="egl" dev="dm-1" ino=104 scontext=u:r:shell:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0 Bug: 26020967 Bug: 26023420 Change-Id: I509d921e159e99164c85fae9e8b2982a47573d14

shell.te: Allow read access to system_file
29b9532a · Nick Kralevich · 98c3f997 · 29b9532a
Commit 29b9532a authored 9 years ago by Nick Kralevich
--- a/shell.te
+++ b/shell.te
@@ -52,6 +52,7 @@ allow shell tty_device:chr_file rw_file_perms;
 allow shell console_device:chr_file rw_file_perms;
 allow shell input_device:dir r_dir_perms;
 allow shell input_device:chr_file rw_file_perms;
+r_dir_file(shell, system_file)
 allow shell system_file:file x_file_perms;
 allow shell toolbox_exec:file rx_file_perms;
 allow shell shell_exec:file rx_file_perms;