adbd: allow "adb pull /sdcard/" The removal of domain_deprecated broke the ability for adbd to pull files from /sdcard. Re-allow it. Addresses the following denials: avc: denied { search } for pid=2753 comm=73657276696365203530 name="/" dev="tmpfs" ino=6242 scontext=u:r:adbd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0 avc: denied { getattr } for pid=2755 comm=73657276696365203431 path="/sdcard" dev="rootfs" ino=5472 scontext=u:r:adbd:s0 tcontext=u:object_r:rootfs:s0 tclass=lnk_file permissive=0 Change-Id: I70257933f554abd008932c7f122dd0151f464b05

commit: b899f4fc33e93ad6ec3d81c39e17eae5ea2fef4f [log] [tgz]
author: Nick Kralevich <nnk@google.com> Mon Dec 07 14:55:23 2015 -0800
committer: Nick Kralevich <nnk@google.com> Mon Dec 07 14:55:23 2015 -0800
tree: d60178ecf4371d6772b2e56cec55883f99c83992
parent: 83fd8a54f54033837f168bbd61012fa5373a4e4c [diff]
diff --git a/adbd.te b/adbd.te
index a35d570..34c0ae9 100644
--- a/adbd.te
+++ b/adbd.te

@@ -35,6 +35,8 @@
 allow adbd shell_data_file:file create_file_perms;
 
 # adb push/pull sdcard.
+allow adbd tmpfs:dir search;
+allow adbd rootfs:lnk_file r_file_perms;
 allow adbd sdcard_type:dir create_dir_perms;
 allow adbd sdcard_type:file create_file_perms;
commit	b899f4fc33e93ad6ec3d81c39e17eae5ea2fef4f	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Mon Dec 07 14:55:23 2015 -0800
committer	Nick Kralevich <nnk@google.com>	Mon Dec 07 14:55:23 2015 -0800
tree	d60178ecf4371d6772b2e56cec55883f99c83992
parent	83fd8a54f54033837f168bbd61012fa5373a4e4c [diff]