Merge "netd: suppress dir write to /system"
diff --git a/public/netd.te b/public/netd.te
index a020a57..ceb1a27 100644
--- a/public/netd.te
+++ b/public/netd.te
@@ -36,8 +36,10 @@
not_full_treble(`allow netd vendor_file:file x_file_perms;')
allow netd devpts:chr_file rw_file_perms;
-# Acquire advisory lock on /system/etc/xtables.lock
+# Acquire advisory lock on /system/etc/xtables.lock. If this file doesn't
+# exist, suppress the denial.
allow netd system_file:file lock;
+dontaudit netd system_file:dir write;
# Allow netd to write to qtaguid ctrl file.
# TODO: Add proper rules to prevent other process to access qtaguid_proc file