vold launched e2fsck must run in fsck domain
Bug: 22821100 Change-Id: I549abfd31f7286ad50be3adeadaf559816c0ee38
This commit is contained in:
parent
792622c383
commit
67d9932c67
6
vold.te
6
vold.te
@ -81,8 +81,8 @@ allow vold sysfs:file rw_file_perms;
|
||||
|
||||
allow vold kmsg_device:chr_file rw_file_perms;
|
||||
|
||||
# Run fsck.
|
||||
allow vold fsck_exec:file rx_file_perms;
|
||||
# Run fsck in the fsck domain.
|
||||
allow vold fsck_exec:file { r_file_perms execute };
|
||||
|
||||
# Log fsck results
|
||||
allow vold fscklogs:dir rw_dir_perms;
|
||||
@ -176,3 +176,5 @@ neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto get
|
||||
neverallow { domain -vold -init } vold_data_file:dir *;
|
||||
neverallow { domain -vold -init } vold_data_file:notdevfile_class_set *;
|
||||
neverallow { domain -vold -init } restorecon_prop:property_service set;
|
||||
|
||||
neverallow vold fsck_exec:file execute_no_trans;
|
||||
|
Loading…
Reference in New Issue
Block a user