Allow apps to execute ping

Addresses the following denials: <5>[ 170.166218] type=1400 audit(1386789488.029:57): avc: denied { getattr } for pid=4352 comm="sh" path="/system/bin/ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file <5>[ 170.166356] type=1400 audit(1386789488.029:58): avc: denied { execute } for pid=4352 comm="sh" name="ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file <5>[ 170.166841] type=1400 audit(1386789488.029:59): avc: denied { read open } for pid=4389 comm="sh" name="ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file <5>[ 170.166962] type=1400 audit(1386789488.029:60): avc: denied { execute_no_trans } for pid=4389 comm="sh" path="/system/bin/ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file Change-Id: Ic175ef7392897a3941c36db67dfa59ded35204b5

Allow apps to execute ping
cf6b350a · Nick Kralevich · ca9ba328 · cf6b350a
Commit cf6b350a authored 11 years ago by Nick Kralevich
--- a/app.te
+++ b/app.te
@@ -59,6 +59,7 @@ allow appdomain system_data_file:file { execute execute_no_trans open };
 # Execute the shell or other system executables.
 allow appdomain shell_exec:file rx_file_perms;
 allow appdomain system_file:file rx_file_perms;
+allow appdomain ping_exec:file rx_file_perms;
 # Read/write wallpaper file (opened by system).
 allow appdomain wallpaper_file:file { read write };