Proper security labeling of multi-user data directories. Add seinfo paramater to appropriate make directory functions. This allows proper labeling for multi-user scenarios. Change-Id: Iaba7c40645bc7b6cc823d613da0c3782acf6ddd5 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

commit: 880d1a957ebcb63fb9d3724e2f91c58b7ff0cd54 [log] [tgz]
author: Robert Craig <rpcraig@tycho.ncsc.mil> Mon Jul 29 09:18:09 2013 -0400
committer: Robert Craig <rpcraig@tycho.ncsc.mil> Wed Sep 18 13:21:12 2013 +0000
tree: d8c7dcdbda0085656e2714850c38118b065b05c7
parent: 1852eb4feba27e5ee080f44fd13a39938d511fc3 [diff] [blame]
diff --git a/cmds/installd/commands.c b/cmds/installd/commands.c
index 8e14a2c..f68d758 100644
--- a/cmds/installd/commands.c
+++ b/cmds/installd/commands.c

@@ -184,7 +184,7 @@
     return delete_dir_contents(pkgdir, 0, "lib");
 }
 
-int make_user_data(const char *pkgname, uid_t uid, uid_t persona)
+int make_user_data(const char *pkgname, uid_t uid, uid_t persona, const char* seinfo)
 {
     char pkgdir[PKG_PATH_MAX];
     char applibdir[PKG_PATH_MAX];
@@ -245,7 +245,7 @@
         return -1;
     }
 
-    if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) {
+    if (selinux_android_setfilecon2(pkgdir, pkgname, seinfo, uid) < 0) {
         ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
         unlink(libsymlink);
         unlink(pkgdir);
commit	880d1a957ebcb63fb9d3724e2f91c58b7ff0cd54	[log] [tgz]
author	Robert Craig <rpcraig@tycho.ncsc.mil>	Mon Jul 29 09:18:09 2013 -0400
committer	Robert Craig <rpcraig@tycho.ncsc.mil>	Wed Sep 18 13:21:12 2013 +0000
tree	d8c7dcdbda0085656e2714850c38118b065b05c7
parent	1852eb4feba27e5ee080f44fd13a39938d511fc3 [diff] [blame]