From a80416e380272dc20f33f304f2f39a63517563f6 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Tue, 17 Oct 2017 14:37:56 -0700
Subject: [PATCH] shell: grant access to read /proc/filesystems

Addresses the following test failure:
system/extras/tests/kernel.config/nfs_test.cpp:24: Failure
Value of: android::base::ReadFileToString("/proc/filesystems", &fs)
Actual: false
Expected: true

Denial:
avc: denied { read } for name="filesystems" dev="proc"
scontext=u:r:shell:s0 tcontext=u:object_r:proc_filesystems:s0
tclass=file

Bug: 67862327
Test: build
Change-Id: I9ada5404987cb474968afc8cb8d96137ee36c68d
---
 public/shell.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/shell.te b/public/shell.te
index 4ac663815..fb650bf92 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -109,6 +109,7 @@ allow shell hwservicemanager:hwservice_manager list;
 # allow shell to look through /proc/ for ps, top, netstat
 r_dir_file(shell, proc)
 r_dir_file(shell, proc_net)
+allow shell proc_filesystems:file r_file_perms;
 allow shell proc_interrupts:file r_file_perms;
 allow shell proc_meminfo:file r_file_perms;
 allow shell proc_stat:file r_file_perms;
-- 
GitLab