9e8b8d9fdf
The build is broken. Reverting temporarily to fix breakage.
libsepol.check_assertion_helper: neverallow on line 4758 violated by allow init kernel:security { setenforce };
Error while expanding policy
make: *** [out/target/product/mako/obj/ETC/sepolicy_intermediates/sepolicy] Error 1
make: *** Waiting for unfinished jobs....
This reverts commit bf12e22514
.
Change-Id: I78a05756d8ce3c7d06e1d9d27e6135f4b352bb85
14 lines
450 B
Plaintext
14 lines
450 B
Plaintext
# init switches to init domain (via init.rc).
|
|
type init, domain;
|
|
# init is unconfined.
|
|
unconfined_domain(init)
|
|
tmpfs_domain(init)
|
|
relabelto_domain(init)
|
|
# add a rule to handle unlabelled mounts
|
|
allow init unlabeled:filesystem mount;
|
|
|
|
allow init {fs_type dev_type file_type}:dir_file_class_set relabelto;
|
|
allow init kernel:security { load_policy setenforce };
|
|
allow init usermodehelper:file rw_file_perms;
|
|
allow init proc_security:file rw_file_perms;
|