Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 1c8e606faf2a16f1eb9f4fb6b467e962a7ddcfb7
commit1c8e606faf2a16f1eb9f4fb6b467e962a7ddcfb7[log] [tgz]
authorSandeep Patil <sspatil@google.com>Tue Feb 14 15:56:46 2017 -0800
committerSandeep Patil <sspatil@google.com>Mon Feb 20 09:07:22 2017 -0800
tree5a61d36a6ef85e8cf9f7b6d052fcbeb8e16d4c42
parentdb955a152ff8b597cff0291c05b9d52490ba56dd [diff]
init: allow init to restorecon on block devices and their symlinks

For early mount we end up creating the device nodes for partitions
under /dev/block before selinux is initialized. Which means, that
restorecon_recursive on /dev/block will have to relabel these nodes
and their symlinks.

This change adds the rule to allow init do the same.

b/27805372

Test: boot marlin / sailfish with early mount device node creation
but mount partitions using the default 'mountall' without any selinux
denials.

Change-Id: Ib9335f3f961d485d2120a175dbdbf85d6f70b160
Signed-off-by: Sandeep Patil <sspatil@google.com>
1 file changed
tree: 5a61d36a6ef85e8cf9f7b6d052fcbeb8e16d4c42
  1. private/
  2. public/
  3. reqd_mask/
  4. tools/
  5. vendor/
  6. Android.mk
  7. CleanSpec.mk
  8. MODULE_LICENSE_PUBLIC_DOMAIN
  9. NOTICE
  10. PREUPLOAD.cfg
  11. README