selinux: Fix healthd's access to /dev nodes Our healthd's support for power-on alarms adds some steps that imply reading files its user doesn't own. Let it. Change-Id: I3d4735aaab8fbec7acc460f812bc21f1dfa516ab

commit: d22efb80e1bd1aea3710041fd6cd9b0dfd808149 [log] [tgz]
author: Ricardo Cerqueira <ricardo@cyngn.com> Thu Nov 27 22:54:43 2014 +0000
committer: Gerrit Code Review <gerrit@cyanogenmod.org> Thu Nov 27 22:57:21 2014 +0000
tree: 9701d0a526234c821f0ffc1b6da310d8a1bfb4c1
parent: 58f88184d585c70b6c12599215e2a618663487ca [diff]
diff --git a/sepolicy/healthd.te b/sepolicy/healthd.te
new file mode 100644
index 0000000..4711cf5
--- /dev/null
+++ b/sepolicy/healthd.te

@@ -0,0 +1 @@
+allow healthd self:capability { dac_override dac_read_search };

diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
index 309d13c..9998bf4 100644
--- a/sepolicy/sepolicy.mk
+++ b/sepolicy/sepolicy.mk

@@ -13,6 +13,7 @@
     seapp_contexts \
     service_contexts \
     auditd.te \
+    healthd.te \
     installd.te \
     netd.te \
     su.te \
commit	d22efb80e1bd1aea3710041fd6cd9b0dfd808149	[log] [tgz]
author	Ricardo Cerqueira <ricardo@cyngn.com>	Thu Nov 27 22:54:43 2014 +0000
committer	Gerrit Code Review <gerrit@cyanogenmod.org>	Thu Nov 27 22:57:21 2014 +0000
tree	9701d0a526234c821f0ffc1b6da310d8a1bfb4c1
parent	58f88184d585c70b6c12599215e2a618663487ca [diff]