Skip to content
Snippets Groups Projects
Commit e900e573 authored by Jeff Sharkey's avatar Jeff Sharkey Committed by Android Git Automerger
Browse files

am 77e85289: Merge "Rules to allow installing package directories." 

* commit '77e85289':
  Rules to allow installing package directories.
parents 51ad2ad3 77e85289
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
file_contexts
+ 8
8
View file @ e900e573
...@@ -179,10 +179,10 @@ ...@@ -179,10 +179,10 @@
/data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0 /data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
/data/dalvik-cache/profiles(/.*)? u:object_r:dalvikcache_profiles_data_file:s0 /data/dalvik-cache/profiles(/.*)? u:object_r:dalvikcache_profiles_data_file:s0
/data/anr(/.*)? u:object_r:anr_data_file:s0 /data/anr(/.*)? u:object_r:anr_data_file:s0
/data/app(/.*)? u:object_r:apk_data_file:s0 /data/app(/.*)? u:object_r:apk_data_file:s0
/data/app/vmdl.*\.tmp u:object_r:apk_tmp_file:s0 /data/app/vmdl.*\.tmp(/.*)? u:object_r:apk_tmp_file:s0
/data/app-private(/.*)? u:object_r:apk_private_data_file:s0 /data/app-private(/.*)? u:object_r:apk_private_data_file:s0
/data/app-private/vmdl.*\.tmp u:object_r:apk_private_tmp_file:s0 /data/app-private/vmdl.*\.tmp(/.*)? u:object_r:apk_private_tmp_file:s0
/data/tombstones(/.*)? u:object_r:tombstone_data_file:s0 /data/tombstones(/.*)? u:object_r:tombstone_data_file:s0
/data/local/tmp(/.*)? u:object_r:shell_data_file:s0 /data/local/tmp(/.*)? u:object_r:shell_data_file:s0
/data/media(/.*)? u:object_r:media_rw_data_file:s0 /data/media(/.*)? u:object_r:media_rw_data_file:s0
...@@ -236,7 +236,7 @@ ...@@ -236,7 +236,7 @@
############################# #############################
# asec containers # asec containers
/mnt/asec(/.*)? u:object_r:asec_apk_file:s0 /mnt/asec(/.*)? u:object_r:asec_apk_file:s0
/mnt/asec/[^/]+/res\.zip u:object_r:asec_public_file:s0 /mnt/asec/[^/]+/[^/]+\.zip u:object_r:asec_public_file:s0
/mnt/asec/[^/]+/lib(/.*)? u:object_r:asec_public_file:s0 /mnt/asec/[^/]+/lib(/.*)? u:object_r:asec_public_file:s0
/data/app-asec(/.*)? u:object_r:asec_image_file:s0 /data/app-asec(/.*)? u:object_r:asec_image_file:s0
system_server.te
+ 4
2
View file @ e900e573
...@@ -171,11 +171,13 @@ allow system_server system_data_file:notdevfile_class_set create_file_perms; ...@@ -171,11 +171,13 @@ allow system_server system_data_file:notdevfile_class_set create_file_perms;
# Manage /data/app. # Manage /data/app.
allow system_server apk_data_file:dir create_dir_perms; allow system_server apk_data_file:dir create_dir_perms;
allow system_server apk_data_file:file create_file_perms; allow system_server apk_data_file:file create_file_perms;
allow system_server apk_tmp_file:dir create_dir_perms;
allow system_server apk_tmp_file:file create_file_perms; allow system_server apk_tmp_file:file create_file_perms;
# Manage /data/app-private. # Manage /data/app-private.
allow system_server apk_private_data_file:dir create_dir_perms; allow system_server apk_private_data_file:dir create_dir_perms;
allow system_server apk_private_data_file:file create_file_perms; allow system_server apk_private_data_file:file create_file_perms;
allow system_server apk_private_tmp_file:dir create_dir_perms;
allow system_server apk_private_tmp_file:file create_file_perms; allow system_server apk_private_tmp_file:file create_file_perms;
# Manage files within asec containers. # Manage files within asec containers.
...@@ -252,8 +254,8 @@ allow system_server media_rw_data_file:file { getattr read write }; ...@@ -252,8 +254,8 @@ allow system_server media_rw_data_file:file { getattr read write };
security_access_policy(system_server) security_access_policy(system_server)
# Relabel apk files. # Relabel apk files.
allow system_server { apk_tmp_file apk_private_tmp_file }:file { relabelfrom relabelto }; allow system_server { apk_tmp_file apk_private_tmp_file }:{ dir file } { relabelfrom relabelto };
allow system_server { apk_data_file apk_private_data_file }:file { relabelfrom relabelto }; allow system_server { apk_data_file apk_private_data_file }:{ dir file } { relabelfrom relabelto };
# Relabel wallpaper. # Relabel wallpaper.
allow system_server system_data_file:file relabelfrom; allow system_server system_data_file:file relabelfrom;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment