sensors.te: add capability selinux rules for QMI Service Addresses following denial: <5>[ 9.549983] type=1400 audit(773328.329:5): avc: denied { net_bind_service } for pid=260 comm="sensors.qcom" capability=10 scontext=u:r:sensors:s0 tcontext=u:r:sensors:s0 tclass=capability permissive=0 <3>[ 9.549987] IPC_RTR: msm_ipc_router_bind: sensors.qcom Do not have permissions Bug: 18173330 Change-Id: Ib01d43c64ac390b627b1e22fa110d6a747572b5e

commit: d7b910cf62cc304428b805c89159c8e96a77ded0 [log] [tgz]
author: Mekala Natarajan <mekalan@codeaurora.org> Mon Nov 17 14:37:43 2014 -0800
committer: Nick Kralevich <nnk@google.com> Fri Feb 06 17:46:15 2015 -0800
tree: bc7be58acfca1f0cd3fd4680cec9d5ccc1b2f066
parent: 3671f7fef780d407b94e10867a7734f80f171cc3 [diff]
diff --git a/sepolicy/sensors.te b/sepolicy/sensors.te
index a0d1f61..bac2d54 100644
--- a/sepolicy/sensors.te
+++ b/sepolicy/sensors.te

@@ -6,7 +6,7 @@
 init_daemon_domain(sensors)
 
 # drop privileges
-allow sensors self:capability { dac_override sys_nice chown setuid setgid};
+allow sensors self:capability { dac_override sys_nice chown setuid setgid net_bind_service};
 
 allow sensors persist_sensors_file:dir setattr;
commit	d7b910cf62cc304428b805c89159c8e96a77ded0	[log] [tgz]
author	Mekala Natarajan <mekalan@codeaurora.org>	Mon Nov 17 14:37:43 2014 -0800
committer	Nick Kralevich <nnk@google.com>	Fri Feb 06 17:46:15 2015 -0800
tree	bc7be58acfca1f0cd3fd4680cec9d5ccc1b2f066
parent	3671f7fef780d407b94e10867a7734f80f171cc3 [diff]