fix build: exclude bluetooth from neverallow restriction
Bluetooth is sometimes started from init.
Addresses the following compiler error:
libsepol.report_failure: neverallow on line 489 of
system/sepolicy/domain.te (or line 9149 of policy.conf) violated by
allow init bluetooth:process { transition };
libsepol.check_assertions: 1 neverallow failures occurred
Error while expanding policy
Change-Id: I2bc1e15217892e1ba2a62c9683af0f3c0aa16b86
diff --git a/domain.te b/domain.te
index 332db94..a853b3a 100644
--- a/domain.te
+++ b/domain.te
@@ -485,7 +485,7 @@
# Only domains spawned from zygote and runas may have the appdomain attribute.
neverallow { domain -runas -zygote } {
- appdomain -shell userdebug_or_eng(`-su')
+ appdomain -shell userdebug_or_eng(`-su') -bluetooth
}:process { transition dyntransition };
# Minimize read access to shell- or app-writable symlinks.