Allow apps to execute ping
Addresses the following denials:
<5>[ 170.166218] type=1400 audit(1386789488.029:57): avc: denied { getattr } for pid=4352 comm="sh" path="/system/bin/ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file
<5>[ 170.166356] type=1400 audit(1386789488.029:58): avc: denied { execute } for pid=4352 comm="sh" name="ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file
<5>[ 170.166841] type=1400 audit(1386789488.029:59): avc: denied { read open } for pid=4389 comm="sh" name="ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file
<5>[ 170.166962] type=1400 audit(1386789488.029:60): avc: denied { execute_no_trans } for pid=4389 comm="sh" path="/system/bin/ping" dev="mmcblk0p25" ino=182 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:ping_exec:s0 tclass=file
Change-Id: Ic175ef7392897a3941c36db67dfa59ded35204b5
diff --git a/app.te b/app.te
index 090088f..fe0b250 100644
--- a/app.te
+++ b/app.te
@@ -59,6 +59,7 @@
# Execute the shell or other system executables.
allow appdomain shell_exec:file rx_file_perms;
allow appdomain system_file:file rx_file_perms;
+allow appdomain ping_exec:file rx_file_perms;
# Read/write wallpaper file (opened by system).
allow appdomain wallpaper_file:file { read write };