Remove recovery from mknod neverallow rule

This was only used on grouper, which is now EOLd. Change-Id: Idb65930bb214fdb3339b18fae94ffb3f6ac391c5

Remove recovery from mknod neverallow rule
98a2f7fe · Nick Kralevich · 7e26f157 · 98a2f7fe
Commit 98a2f7fe authored 9 years ago by Nick Kralevich
--- a/domain.te
+++ b/domain.te
@@ -185,7 +185,7 @@ neverallow {
 } self:capability sys_ptrace;

 # Limit device node creation to these whitelisted domains.
-neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -vold -uncrypt -slideshow } self:capability mknod;
+neverallow { domain -kernel -init -ueventd -watchdogd -healthd -vold -uncrypt -slideshow } self:capability mknod;

 # Limit raw I/O to these whitelisted domains.
 neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -vold -uncrypt -tee } self:capability sys_rawio;