update_engine: Transition to backuptool domain
* This way we can make backuptool permissive
while leaving update_engine rules as clean as possible
Change-Id: Ied17f31f7d0258319371f3badc891c7a6ecee901
diff --git a/payload_consumer/postinstall_runner_action.cc b/payload_consumer/postinstall_runner_action.cc
index 6e10cea..1ada63b 100644
--- a/payload_consumer/postinstall_runner_action.cc
+++ b/payload_consumer/postinstall_runner_action.cc
@@ -19,6 +19,7 @@
#include <fcntl.h>
#include <signal.h>
#include <stdlib.h>
+#include <selinux/selinux.h>
#include <sys/mount.h>
#include <sys/types.h>
#include <unistd.h>
@@ -224,11 +225,23 @@
utils::MountFilesystem(mountable_device, fs_mount_dir_, MS_NOATIME | MS_NODEV | MS_NODIRATIME,
partition.filesystem_type, "seclabel");
+ // Switch to a permissive domain
+ if (setexeccon("u:r:backuptool:s0")) {
+ LOG(ERROR) << "Failed to set backuptool context";
+ return false;
+ }
+
// Run backuptool script
int ret = system("/postinstall/system/bin/backuptool_postinstall.sh");
if (ret == -1 || WEXITSTATUS(ret) != 0) {
LOG(ERROR) << "Backuptool postinstall step failed. ret=" << ret;
}
+
+ // Switch back to update_engine domain
+ if (setexeccon(nullptr)) {
+ LOG(ERROR) << "Failed to set update_engine context";
+ return false;
+ }
} else {
LOG(INFO) << "Skipping backuptool scripts";
}
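Review bot: Both new `return false` paths after `setexeccon()` exit once `utils::MountFilesystem(...)` has already run, and no unmount is visible in this hunk, so a labeling failure may leave the target partition mounted at `fs_mount_dir_`; unless cleanup happens elsewhere in the function, add `utils::UnmountFilesystem(fs_mount_dir_);` before each return. `setexeccon()` reports its failure reason through errno, so `PLOG(ERROR) << "Failed to set backuptool context";` (and likewise for the reset) would record why the call failed. The comment `// Switch to a permissive domain` overstates what the call does, since it only labels the next exec from this thread; I would write `// Label the next exec (the shell spawned by system()) as backuptool; update_engine keeps its own domain`. Aborting when `setexeccon(nullptr)` fails is the right choice, because later execs from this thread would otherwise start in the permissive backuptool domain. The enclosing function starts and ends outside the hunk, so its return type and existing cleanup path could not be checked.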