Add domains for goldfish services. goldfish-setup, goldfish-logcat, and qemu-props are goldfish-specific oneshot services that lacked domain definitions and thus were left in init's domain. This depends on a change to external/sepolicy with the same Change-Id to define non-goldfish-specific types for properties and logcat. Change-Id: Idce1fb5ed9680af84788ae69a5ace684c6663974 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

commit: 704744ad812e76b2f9f43c04d9cc07a60b530168 [log] [tgz]
author: Stephen Smalley <sds@tycho.nsa.gov> Wed Sep 03 11:07:03 2014 -0400
committer: Stephen Smalley <sds@tycho.nsa.gov> Mon Sep 22 14:41:56 2014 -0400
tree: 5d642eca71cbc88f246df27406b2150d852a80a9
parent: c5a99042e944787b2cd5f2e93ba4775ffd9e36fc [diff] [blame]
diff --git a/target/board/generic/sepolicy/qemu_props.te b/target/board/generic/sepolicy/qemu_props.te
new file mode 100644
index 0000000..ade111d
--- /dev/null
+++ b/target/board/generic/sepolicy/qemu_props.te

@@ -0,0 +1,10 @@
+# qemu-props service:  Sets system properties on boot.
+type qemu_props, domain;
+type qemu_props_exec, exec_type, file_type;
+permissive_or_unconfined(qemu_props)
+
+init_daemon_domain(qemu_props)
+
+# Set properties.
+unix_socket_connect(qemu_props, property, init)
+allow qemu_props { qemu_prop dalvik_prop config_prop }:property_service set;
commit	704744ad812e76b2f9f43c04d9cc07a60b530168	[log] [tgz]
author	Stephen Smalley <sds@tycho.nsa.gov>	Wed Sep 03 11:07:03 2014 -0400
committer	Stephen Smalley <sds@tycho.nsa.gov>	Mon Sep 22 14:41:56 2014 -0400
tree	5d642eca71cbc88f246df27406b2150d852a80a9
parent	c5a99042e944787b2cd5f2e93ba4775ffd9e36fc [diff] [blame]