From 43cd0ccefc568699a9aaea797ea18455be65fdf5 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 15 Oct 2015 13:35:01 -0700
Subject: [PATCH] allow shell self:process ptrace;

Allow the non-privileged adb shell user to run strace. Without
this patch, the command "strace /system/bin/ls" fails with the
following error:

  shell@android:/ $ strace /system/bin/ls
  strace: ptrace(PTRACE_TRACEME, ...): Permission denied
  +++ exited with 1 +++

Change-Id: I207fe0f71941bff55dbeb6fe130e636418f333ee
---
 shell.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/shell.te b/shell.te
index 893403a3a..39b599fca 100644
--- a/shell.te
+++ b/shell.te
@@ -88,6 +88,9 @@ allow shell domain:process getattr;
 allow shell bootchart_data_file:dir rw_dir_perms;
 allow shell bootchart_data_file:file create_file_perms;
 
+# Make sure strace works for the non-privileged shell user
+allow shell self:process ptrace;
+
 # Do not allow shell to hard link to any files.
 # In particular, if shell hard links to app data
 # files, installd will not be able to guarantee the deletion
-- 
GitLab