fix build: exclude bluetooth from neverallow restriction Bluetooth is sometimes started from init. Addresses the following compiler error: libsepol.report_failure: neverallow on line 489 of system/sepolicy/domain.te (or line 9149 of policy.conf) violated by allow init bluetooth:process { transition }; libsepol.check_assertions: 1 neverallow failures occurred Error while expanding policy Change-Id: I2bc1e15217892e1ba2a62c9683af0f3c0aa16b86

commit: 7e3802162387b0ddcc641bc9061dbaf75e42298b [log] [tgz]
author: Nick Kralevich <nnk@google.com> Mon Aug 22 17:29:46 2016 -0700
committer: Nick Kralevich <nnk@google.com> Mon Aug 22 17:29:46 2016 -0700
tree: 3813a332bd23196c8fbfc489bc67cf000c19e637
parent: c55cf17a6b4a23f8ef66ff816f871d7d9e8de56a [diff]
diff --git a/domain.te b/domain.te
index 332db94..a853b3a 100644
--- a/domain.te
+++ b/domain.te

@@ -485,7 +485,7 @@
 
 # Only domains spawned from zygote and runas may have the appdomain attribute.
 neverallow { domain -runas -zygote } {
-  appdomain -shell userdebug_or_eng(`-su')
+  appdomain -shell userdebug_or_eng(`-su') -bluetooth
 }:process { transition dyntransition };
 
 # Minimize read access to shell- or app-writable symlinks.
commit	7e3802162387b0ddcc641bc9061dbaf75e42298b	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Mon Aug 22 17:29:46 2016 -0700
committer	Nick Kralevich <nnk@google.com>	Mon Aug 22 17:29:46 2016 -0700
tree	3813a332bd23196c8fbfc489bc67cf000c19e637
parent	c55cf17a6b4a23f8ef66ff816f871d7d9e8de56a [diff]