Allow system access to overlay service am: de5db3ab02 am: ca7d90ca19 Change-Id: Ibe4770026852338dcfde327857ccffb1fc91a5a0

commit: 69bb06e55062cc9ce16f36fa01cc57be4ec2a39a [log] [tgz]
author: Jason Monk <jmonk@google.com> Mon May 22 22:28:05 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Mon May 22 22:28:05 2017 +0000
tree: 22442e722076a5ff2e217e785cb9abf15ee1c938
parent: 11cf06299b73d5cc1c86206ca4df42b2421a7c57 [diff]
parent: ca7d90ca19f0749f464d26fcdb5281a67c79c9fd [diff]
diff --git a/private/system_server.te b/private/system_server.te
index 6a11448..5ada67e 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -62,16 +62,13 @@
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;
commit	69bb06e55062cc9ce16f36fa01cc57be4ec2a39a	[log] [tgz]
author	Jason Monk <jmonk@google.com>	Mon May 22 22:28:05 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Mon May 22 22:28:05 2017 +0000
tree	22442e722076a5ff2e217e785cb9abf15ee1c938
parent	11cf06299b73d5cc1c86206ca4df42b2421a7c57 [diff]
parent	ca7d90ca19f0749f464d26fcdb5281a67c79c9fd [diff]