From fb076f8b115cf0bb888fcfdef4e9f1e54f101d88 Mon Sep 17 00:00:00 2001
From: repo sync <gcondra@google.com>
Date: Tue, 7 May 2013 16:58:01 -0700
Subject: [PATCH] Add temporary policy for wpa_supplicant.

This allows wpa_supplicant to interact with the sockets created
for it by init. Eventually we'll want those to be properly
labelled, but allow until then.

Change-Id: I33fcd22173a8d47bbc4ada8d6aa62b4d159cbb15
---
 wpa_supplicant.te | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/wpa_supplicant.te b/wpa_supplicant.te
index 00912e5f7..30d34901d 100644
--- a/wpa_supplicant.te
+++ b/wpa_supplicant.te
@@ -19,6 +19,5 @@ allow wpa random_device:chr_file r_file_perms;
 type_transition wpa wifi_data_file:sock_file wpa_socket;
 allow wpa wpa_socket:sock_file create_file_perms;
 
-# Allow init to create wpa_socket and transition to wpa
-type_transition init wpa_socket:unix_dgram_socket wpa_socket;
-allow wpa wpa_socket:unix_dgram_socket { read write };
+# Allow wpa to read and write unix dgram sockets from init
+allow wpa init:unix_dgram_socket { read write };
-- 
GitLab