Allow apexd to be fork_execvp'ed from init during userspace reboot Test: builds Test: adb reboot userspace Bug: 135984674 Change-Id: I089078232c40d533b712736b83a5ed757dde689e

commit: 8a4805265bfc77ad6390e14dca544da050a413d8 [log] [tgz]
author: Nikita Ioffe <ioffe@google.com> Thu Nov 14 14:28:43 2019 +0000
committer: Nikita Ioffe <ioffe@google.com> Thu Nov 14 15:31:47 2019 +0000
tree: 0644d7021fba136a001b60285a885a9266466984
parent: c03def15edd0a1e20c1170ea88a6d85ef529a46f [diff]
diff --git a/private/apexd.te b/private/apexd.te
index 14778b2..31371d9 100644
--- a/private/apexd.te
+++ b/private/apexd.te

@@ -114,6 +114,9 @@
   domain_auto_trans(apexd, apex_test_prepostinstall_exec, apex_test_prepostinstall)
 ')
 
+# Allow apexd to be invoked with logwrapper from init during userspace reboot.
+allow apexd devpts:chr_file { read write };
+
 neverallow { domain -apexd -init } apex_data_file:dir no_w_dir_perms;
 neverallow { domain -apexd -init } apex_metadata_file:dir no_w_dir_perms;
 neverallow { domain -apexd -init -kernel } apex_data_file:file no_w_file_perms;
commit	8a4805265bfc77ad6390e14dca544da050a413d8	[log] [tgz]
author	Nikita Ioffe <ioffe@google.com>	Thu Nov 14 14:28:43 2019 +0000
committer	Nikita Ioffe <ioffe@google.com>	Thu Nov 14 15:31:47 2019 +0000
tree	0644d7021fba136a001b60285a885a9266466984
parent	c03def15edd0a1e20c1170ea88a6d85ef529a46f [diff]