From 0996257288887c898908892cb2b0c51155615ca7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= Date: Thu, 23 Jan 2020 01:50:31 -0800 Subject: [PATCH] allow iptables to isatty() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Test: builds, atest Bug: 143044679 Signed-off-by: Maciej Żenczykowski Change-Id: I3309ccf9be86f06405dc248cc69b0207114f855f --- sepolicy/vendor/netutils_wrapper.te | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sepolicy/vendor/netutils_wrapper.te b/sepolicy/vendor/netutils_wrapper.te index f1bec3b8..da72f978 100644 --- a/sepolicy/vendor/netutils_wrapper.te +++ b/sepolicy/vendor/netutils_wrapper.te @@ -1,6 +1,7 @@ # For netutils to be able to write their stdout stderr to the pipes opened by netmgrd allow netutils_wrapper netmgrd:fd use; -allow netutils_wrapper netmgrd:fifo_file { getattr read write append }; +allow netutils_wrapper netmgrd:fifo_file { getattr ioctl read write append }; +allowxperm netutils_wrapper netmgrd:fifo_file ioctl { TCGETS }; dontaudit netutils_wrapper netmgrd:socket { read write }; dontaudit netutils_wrapper netmgrd:unix_stream_socket { read write };