Support fine grain read access control for properties Properties are now broken up from a single /dev/__properties__ file into multiple files, one per property label. This commit provides the mechanism to control read access to each of these files and therefore sets of properties. This allows full access for all domains to each of these new property files to match the current permissions of /dev/__properties__. Future commits will restrict the access. Bug: 21852512 Change-Id: Ie9e43968acc7ac3b88e354a0bdfac75b8a710094

commit: 949d7cbc29c1a658f00b966a81fd3f710c065fec [log] [tgz]
author: Tom Cherry <tomcherry@google.com> Tue Dec 01 16:58:27 2015 -0800
committer: Tom Cherry <tomcherry@google.com> Thu Dec 03 14:06:10 2015 -0800
tree: 73aeaa7bf1440fefd8b1add750aabd36059f63c6
parent: 8ff6a86da526b18951c24a7971d71aac15f0fbca [diff] [blame]
diff --git a/file_contexts b/file_contexts
index a74f8f8..152dfb4 100644
--- a/file_contexts
+++ b/file_contexts

@@ -34,7 +34,7 @@
 
 # SELinux policy files
 /file_contexts\.bin u:object_r:rootfs:s0
-/property_contexts  u:object_r:rootfs:s0
+/property_contexts  u:object_r:property_contexts:s0
 /seapp_contexts     u:object_r:rootfs:s0
 /sepolicy           u:object_r:rootfs:s0
 /service_contexts   u:object_r:rootfs:s0
commit	949d7cbc29c1a658f00b966a81fd3f710c065fec	[log] [tgz]
author	Tom Cherry <tomcherry@google.com>	Tue Dec 01 16:58:27 2015 -0800
committer	Tom Cherry <tomcherry@google.com>	Thu Dec 03 14:06:10 2015 -0800
tree	73aeaa7bf1440fefd8b1add750aabd36059f63c6
parent	8ff6a86da526b18951c24a7971d71aac15f0fbca [diff] [blame]