Remove cgroup access from brillo_domain(). It's already included for all domains in domain.te. Bug: 27921359 Change-Id: Icaa808dabb388512f509748e34eaa77d2e489b58

commit: fda88a8a7e50ad83b64326ff1699eeb5e0df350e [log] [tgz]
author: Jorge Lucangeli Obes <jorgelo@google.com> Wed Mar 30 10:49:07 2016 -0700
committer: Jorge Lucangeli Obes <jorgelo@google.com> Thu Mar 31 16:43:29 2016 +0000
tree: 7db7652f55d675e8f89103857d18ffd9476c7ad8
parent: 09470a6558e03e969b22c6ccedd90583cf03700a [diff]
diff --git a/sepolicy/te_macros b/sepolicy/te_macros
index f236fc7..f64eaf3 100644
--- a/sepolicy/te_macros
+++ b/sepolicy/te_macros

@@ -9,10 +9,6 @@
 # Allow connections to dbus_daemon.
 unix_socket_connect($1, dbus_daemon, dbus_daemon)
 
-# Allow access to cgroups mount point at /acct.
-allow $1 cgroup:dir search;
-allow $1 cgroup:file w_file_perms;
-
 # Allow access to files in /proc.
 # Fixes denials like:
 # avc: denied { read } for pid=1267 comm="peripheralman" name="misc" dev="proc"
commit	fda88a8a7e50ad83b64326ff1699eeb5e0df350e	[log] [tgz]
author	Jorge Lucangeli Obes <jorgelo@google.com>	Wed Mar 30 10:49:07 2016 -0700
committer	Jorge Lucangeli Obes <jorgelo@google.com>	Thu Mar 31 16:43:29 2016 +0000
tree	7db7652f55d675e8f89103857d18ffd9476c7ad8
parent	09470a6558e03e969b22c6ccedd90583cf03700a [diff]