Revert "Switch over to qti_init_shell"

This reverts commit 7a8ed167d1fdf3b59e6ab8dc1176e7e17c84e17e.

Change-Id: I28c78cb03828841b06bd6bc11e730dcd19e89712

3 files changed, 17 insertions, 26 deletions

diff --git a/common/init_shell.te b/common/init_shell.te
index 0ed537be..34b8f897 100644
--- a/common/init_shell.te
+++ b/common/init_shell.te
@@ -1,39 +1,29 @@
-# Restricted domain for shell processes spawned by init.
-# Normally these are shell commands or scripts invoked via sh
-# from an init*.rc file.  No service should ever run in this domain.
-type qti_init_shell, domain;
-domain_auto_trans(init, shell_exec, qti_init_shell)
-
-# Run helpers from / or /system without changing domain.
-#allow qti_init_shell rootfs:file execute_no_trans;
-#allow qti_init_shell system_file:file execute_no_trans;
-
 #for accessing fmradio device node
-allow  qti_init_shell  fm_radio_device:chr_file { open read ioctl };
+allow  init_shell  fm_radio_device:chr_file { open read ioctl };
 # for insmod of iris ko  , this is needed .
-allow qti_init_shell self:capability sys_module;
+allow init_shell self:capability sys_module;
 
 
 #for  property starting with hw
-allow qti_init_shell  system_prop:property_service set ;
+allow init_shell  system_prop:property_service set ;
 
 #for access to set BT property
-allow qti_init_shell  bluetooth_prop:property_service set;
+allow init_shell  bluetooth_prop:property_service set;
 
-#most of the default properties are set by qti_init_shell
-#allow qti_init_shell  default_prop:property_service set;
+#most of the default properties are set by init_shell
+allow init_shell  default_prop:property_service set;
 
-#allow qti_init_shell shell_exec:file execute_no_trans;
+allow init_shell shell_exec:file execute_no_trans;
 
 #Needed in order to set properties while going in/out of debug mode.
-#allow qti_init_shell ctl_default_prop:property_service set;
+allow init_shell ctl_default_prop:property_service set;
 
-allow qti_init_shell efs_boot_dev:blk_file r_file_perms;
+allow init_shell efs_boot_dev:blk_file r_file_perms;
 
 #perfd
-#allow qti_init_shell ctl_default_prop:property_service set;
+allow init_shell ctl_default_prop:property_service set;
 
-allow qti_init_shell ctl_rildaemon_prop:property_service set;
+allow init_shell ctl_rildaemon_prop:property_service set;
 
 #for access to UICC property
-allow qti_init_shell uicc_prop:property_service set;
+allow init_shell uicc_prop:property_service set;
diff --git a/common/rfs_access.te b/common/rfs_access.te
index 9ad79954..b7ab3cca 100644
--- a/common/rfs_access.te
+++ b/common/rfs_access.te
@@ -44,5 +44,5 @@ allow rfs_access firmware_file:file r_file_perms;
 allow rfs_access self:capability { setuid setgid setpcap net_raw };
 
 #Prevent other domains from accessing RFS data files.
-neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -qti_init_shell } rfs_data_file:dir create_dir_perms;
-neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -qti_init_shell } rfs_data_file:file create_file_perms;
+neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -init_shell } rfs_data_file:dir create_dir_perms;
+neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -init_shell } rfs_data_file:file create_file_perms;
diff --git a/test/init_shell.te b/test/init_shell.te
index 7a48c8ba..4a477176 100755
--- a/test/init_shell.te
+++ b/test/init_shell.te
@@ -1,4 +1,5 @@
 userdebug_or_eng(`
-  allow qti_init_shell fuse:dir create_dir_perms;
-  allow qti_init_shell fuse:file create_file_perms;
+  domain_auto_trans(init_shell, su_exec, su)
+  allow init_shell fuse:dir create_dir_perms;
+  allow init_shell fuse:file create_file_perms;
 ')