Skip to content
Snippets Groups Projects
Commit 9273c1bb authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Explicitly allow netd to take the iptables lock. 

This was previously relying on domain_deprecated rules deleted in
change I588a1e7ea7ef984907b79a5a391efb2dcd6e6431.

Bug: 28760354
Test: unbreaks networking on AOSP bullhead
Change-Id: I873e1f08f72104dee7509e45b1db0b284ca56085
parent 50992311
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 0 deletions
public/netd.te
+ 3
0
View file @ 9273c1bb
......@@ -51,6 +51,9 @@ allow netd net_data_file:file create_file_perms;
allow netd net_data_file:dir rw_dir_perms;
allow netd self:capability fowner;
# Needed to lock the iptables lock.
allow netd system_file:file lock;
# Allow netd to spawn dnsmasq in it's own domain
allow netd dnsmasq:process signal;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment