Address new system server denial.
Allow system_server to unlink sockets created
by the wpa supplicant. This will resolve the following
denial seen across mutliple devices.
avc: denied { unlink } for pid=584 comm="WifiStateMachin" name="wlan0" dev=mmcblk0p10 ino=138762 scontext=u:r:system_server:s0 tcontext=u:object_r:wpa_socket:s0 tclass=sock_file
Change-Id: If3a8b1f270dfcd3dc6838eb8ac72e3d5004cc36d
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
diff --git a/system_server.te b/system_server.te
index 09e6ec5..37d4cc6 100644
--- a/system_server.te
+++ b/system_server.te
@@ -174,6 +174,9 @@
type_transition system_server wifi_data_file:sock_file system_wpa_socket;
allow system_server system_wpa_socket:sock_file create_file_perms;
+# Remove sockets created by wpa_supplicant
+allow system_server wpa_socket:sock_file unlink;
+
# Create a socket for connections from debuggerd.
type_transition system_server system_data_file:sock_file system_ndebug_socket "ndebugsocket";
allow system_server system_ndebug_socket:sock_file create_file_perms;