From 867ae0561c9b5587853c8e62ceb9036e79217b92 Mon Sep 17 00:00:00 2001
From: rpcraig <rpcraig@tycho.ncsc.mil>
Date: Wed, 15 Aug 2012 06:25:14 -0400
Subject: [PATCH] dhcp policy.
---
 dhcp.te | 22 ++++++++++++++++++++++
 file_contexts | 3 +++
 2 files changed, 25 insertions(+)
 create mode 100644 dhcp.te
diff --git a/dhcp.te b/dhcp.te
new file mode 100644
index 000000000..b596479e3
--- /dev/null
+++ b/dhcp.te
@@ -0,0 +1,22 @@
+type dhcp, domain;
+type dhcp_exec, exec_type, file_type;
+type dhcp_data_file, file_type, data_file_type;
+type dhcp_system_file, file_type, data_file_type;
+
+init_daemon_domain(dhcp)
+
+allow dhcp cgroup:dir { create add_name };
+allow dhcp self:capability { setgid setuid net_admin net_raw };
+allow dhcp self:packet_socket { create setopt bind write read };
+allow dhcp self:netlink_route_socket { write nlmsg_write read create bind };
+allow dhcp self:udp_socket { create ioctl };
+allow dhcp shell_exec:file { read open execute };
+allow dhcp proc:file write;
+allow dhcp property_socket:sock_file write ;
+allow dhcp system_prop:property_service set ;
+allow dhcp dhcp_system_file:file rx_file_perms;
+allow dhcp dhcp_system_file:dir r_dir_perms;
+unix_socket_connect(dhcp, property, init)
+
+type_transition dhcp system_data_file:{ dir file } dhcp_data_file;
+allow dhcp dhcp_data_file:dir { write add_name search };
diff --git a/file_contexts b/file_contexts
index ecf6e2222..77e0875bc 100644
--- a/file_contexts
+++ b/file_contexts
@@ -102,6 +102,8 @@
 /system/bin/wpa_supplicant u:object_r:wpa_exec:s0
 /system/bin/qemud u:object_r:qemud_exec:s0
 /system/bin/sdcard u:object_r:sdcardd_exec:s0
+/system/bin/dhcpcd u:object_r:dhcp_exec:s0
+/system/etc/dhcpcd(/.*)? u:object_r:dhcp_system_file:s0
 /system/xbin/su u:object_r:su_exec:s0
 /system/vendor/bin/gpsd u:object_r:gpsd_exec:s0
 #############################
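Review bot: `allow dhcp proc:file write;` and `allow dhcp system_prop:property_service set ;` are scoped to the generic `proc` and `system_prop` types, so the daemon may write any file carrying the `proc` label and set any property carrying `system_prop`, not only the ones a DHCP client needs. This domain also holds `net_admin`/`net_raw` and handles packets from the network, so narrowing both rules to dedicated types would limit what a misbehaving dhcpcd can change. For example, `allow dhcp <dhcp_prop_type>:property_service set;`, where the placeholder stands for a type covering only the DHCP properties. If such types cannot be introduced in this change, a comment above each rule naming the proc entries and property names it is meant for would record the gap.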
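Review bot: The `/system/etc/dhcpcd(/.*)?` entry puts files on the system partition under `dhcp_system_file`, which dhcp.te in this same patch declares as `file_type, data_file_type`. dhcp is granted `rx_file_perms` on that type, so these are presumably files the daemon reads and executes. Carrying the `data_file_type` attribute means any rule written against that attribute elsewhere in the policy applies to them as well. Unless that is intended, declare the type without the attribute: `type dhcp_system_file, file_type;`.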
@@ -124,6 +126,7 @@
 /data/misc/systemkeys(/.*)? u:object_r:systemkeys_data_file:s0
 /data/misc/wifi(/.*)? u:object_r:wifi_data_file:s0
 /data/misc/camera(/.*)? u:object_r:camera_calibration_file:s0
+/data/misc/dhcp(/.*)? u:object_r:dhcp_data_file:s0
 # App sandboxes
 /data/data/.* u:object_r:app_data_file:s0
 # Wallpaper file.
-- GitLab
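Review bot: The `/data/misc/dhcp(/.*)?` label does not line up with the rules in dhcp.te, which grants `dhcp_data_file:dir { write add_name search }` but nothing on `dhcp_data_file:file`. Unless a rule outside this patch covers it, dhcp can add a name in the directory yet is denied creating or writing the file itself once the policy is enforced. A rule along the lines of `allow dhcp dhcp_data_file:file { create open read write getattr unlink };`, trimmed to what the daemon actually does, would close that. The `type_transition` on `system_data_file` only matters while the directory still carries that label, and dhcp has no `add_name` on `system_data_file:dir`, so an already-provisioned /data presumably needs a relabel before this entry takes effect.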