system_server.te: allow getopt/getattr on zygote socket

In 61dc3507, I forgot to allow system_server to run getopt/getattr on the zygote socket. Bug: 12061011 Change-Id: I14f8fc98c1b08dfd3c2188d562e594547dba69e6

system_server.te: allow getopt/getattr on zygote socket
c4d7c0d7 · Nick Kralevich · 61dc3507 · c4d7c0d7
Commit c4d7c0d7 authored 11 years ago by Nick Kralevich
--- a/system_server.te
+++ b/system_server.te
@@ -13,6 +13,10 @@ allow system_server zygote:fd use;
 allow system_server zygote:process sigchld;
 allow system_server zygote_tmpfs:file read;

+# Needed to close the zygote socket, which involves getopt / getattr
+# This should be deleted after b/12061011 is fixed
+allow system_server zygote:unix_stream_socket { getopt getattr };
+
 # system server gets network and bluetooth permissions.
 net_domain(system_server)
 bluetooth_domain(system_server)