Label /dev/socket/mdns with its own type.

Otherwise it gets left in the general device type, and we get denials such as: type=1400 msg=audit(1379617262.940:102): avc: denied { write } for pid=579 comm="mDnsConnector" name="mdns" dev="tmpfs" ino=3213 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=sock_file This of course only shows up if using a confined system_server. Change-Id: I2456dd7aa4d72e6fd15b55c251245186eb54a80a Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Label /dev/socket/mdns with its own type.
4caf8c99 · Stephen Smalley · 755cb39b · 4caf8c99 · 4caf8c99
Commit 4caf8c99 authored 11 years ago by Stephen Smalley
--- a/file.te
+++ b/file.te
@@ -90,6 +90,7 @@ type dnsproxyd_socket, file_type, mlstrustedobject;
 type gps_socket, file_type;
 type installd_socket, file_type;
 type keystore_socket, file_type;
+type mdns_socket, file_type;
 type netd_socket, file_type;
 type property_socket, file_type;
 type qemud_socket, file_type;

--- a/file_contexts
+++ b/file_contexts
@@ -85,6 +85,7 @@
 /dev/socket/dnsproxyd	u:object_r:dnsproxyd_socket:s0
 /dev/socket/installd	u:object_r:installd_socket:s0
 /dev/socket/keystore	u:object_r:keystore_socket:s0
+/dev/socket/mdns	u:object_r:mdns_socket:s0
 /dev/socket/netd	u:object_r:netd_socket:s0
 /dev/socket/property_service	u:object_r:property_socket:s0
 /dev/socket/qemud	u:object_r:qemud_socket:s0