shell.te - LeafOS-Project/android_system_sepolicy - Gitiles

 # Domain for shell processes spawned by ADB
 type shell, domain;
 type shell_exec, exec_type, file_type;
 unconfined_domain(shell)

 # Run app_process.
 # XXX Split into its own domain?
 app_domain(shell)

 # shell is also permissive to permit setenforce.
 permissive shell;
	# Domain for shell processes spawned by ADB
	type shell, domain;
	type shell_exec, exec_type, file_type;
	unconfined_domain(shell)

	# Run app_process.
	# XXX Split into its own domain?
	app_domain(shell)

	# shell is also permissive to permit setenforce.
	permissive shell;