sensors.te: add capability selinux rules for QMI Service
Addresses following denial:
<5>[ 9.549983] type=1400 audit(773328.329:5): avc: denied { net_bind_service } for pid=260 comm="sensors.qcom" capability=10 scontext=u:r:sensors:s0 tcontext=u:r:sensors:s0 tclass=capability
permissive=0
<3>[ 9.549987] IPC_RTR: msm_ipc_router_bind: sensors.qcom Do not have permissions
Bug: 18173330
Change-Id: Ib01d43c64ac390b627b1e22fa110d6a747572b5e
diff --git a/sepolicy/sensors.te b/sepolicy/sensors.te
index a0d1f61..bac2d54 100644
--- a/sepolicy/sensors.te
+++ b/sepolicy/sensors.te
@@ -6,7 +6,7 @@
init_daemon_domain(sensors)
# drop privileges
-allow sensors self:capability { dac_override sys_nice chown setuid setgid};
+allow sensors self:capability { dac_override sys_nice chown setuid setgid net_bind_service};
allow sensors persist_sensors_file:dir setattr;