1*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell vendor_shell_exec:file rx_file_perms; 2*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell vendor_toolbox_exec:file rx_file_perms; 3*e4a36f41SAndroid Build Coastguard Worker 4*e4a36f41SAndroid Build Coastguard Worker# Use fd from shell when vendor_shell is started from shell 5*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell shell:fd use; 6*e4a36f41SAndroid Build Coastguard Worker 7*e4a36f41SAndroid Build Coastguard Worker# adbd: allow `adb shell /vendor/bin/sh` and `adb shell` then `/vendor/bin/sh` 8*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell adbd:fd use; 9*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell adbd:process sigchld; 10*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell adbd:unix_stream_socket { getattr ioctl read write }; 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell devpts:chr_file rw_file_perms; 13*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell tty_device:chr_file rw_file_perms; 14*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell console_device:chr_file rw_file_perms; 15*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell input_device:dir r_dir_perms; 16*e4a36f41SAndroid Build Coastguard Workerallow vendor_shell input_device:chr_file rw_file_perms; 17*e4a36f41SAndroid Build Coastguard Worker 18*e4a36f41SAndroid Build Coastguard Workeruserdebug_or_eng(`set_prop(vendor_shell, persist_vendor_debug_wifi_prop)') 19