diff options
| author | Andreas Blaesius <skate4life@gmx.de> | 2016-10-29 16:39:13 +0200 |
|---|---|---|
| committer | Andreas Blaesius <skate4life@gmx.de> | 2016-10-29 16:43:33 +0200 |
| commit | b8ca62b6e31bed24dd9f8e3162020d1de33b53d9 (patch) | |
| tree | 4b2629f50473b5a2ab70afc5e8bd553b7d9580af /sepolicy-custom | |
| parent | 2a7f9e49089325221b08bcf32df595214ecab759 (diff) | |
| download | device_samsung_espressowifi-b8ca62b6e31bed24dd9f8e3162020d1de33b53d9.zip device_samsung_espressowifi-b8ca62b6e31bed24dd9f8e3162020d1de33b53d9.tar.gz device_samsung_espressowifi-b8ca62b6e31bed24dd9f8e3162020d1de33b53d9.tar.bz2 | |
sepolicy: move custom policy into own subdir
Change-Id: I1fe5e299159d206c9206452cfc490e81c2cc21b9
Diffstat (limited to 'sepolicy-custom')
| -rw-r--r-- | sepolicy-custom/file_contexts | 2 | ||||
| -rw-r--r-- | sepolicy-custom/property.te | 3 | ||||
| -rw-r--r-- | sepolicy-custom/property_contexts | 2 | ||||
| -rw-r--r-- | sepolicy-custom/variant_setup.te | 21 |
4 files changed, 28 insertions, 0 deletions
diff --git a/sepolicy-custom/file_contexts b/sepolicy-custom/file_contexts new file mode 100644 index 0000000..d32d657 --- /dev/null +++ b/sepolicy-custom/file_contexts @@ -0,0 +1,2 @@ +# variant setup +/system/bin/init\.espresso\.variant\.sh u:object_r:variant_setup_exec:s0 diff --git a/sepolicy-custom/property.te b/sepolicy-custom/property.te new file mode 100644 index 0000000..a6ba71b --- /dev/null +++ b/sepolicy-custom/property.te @@ -0,0 +1,3 @@ +# hwrotation prop need a own type to be set on init.espreso.variants.sh, +# else it would conflict with a neverallow rule +type rotation_prop, property_type; diff --git a/sepolicy-custom/property_contexts b/sepolicy-custom/property_contexts new file mode 100644 index 0000000..69ad081 --- /dev/null +++ b/sepolicy-custom/property_contexts @@ -0,0 +1,2 @@ +# label hwrotation prop to set it on init.espreso.variants.sh +sf.hwrotation u:object_r:rotation_prop:s0 diff --git a/sepolicy-custom/variant_setup.te b/sepolicy-custom/variant_setup.te new file mode 100644 index 0000000..b4072ca --- /dev/null +++ b/sepolicy-custom/variant_setup.te @@ -0,0 +1,21 @@ +# Variant-Setup script (init.espresso.variant.sh) +type variant_setup, domain; +type variant_setup_exec, exec_type, file_type; + +init_daemon_domain(variant_setup) + +# Run init.espresso.variant.sh +allow variant_setup shell_exec:file rx_file_perms; +allow variant_setup variant_setup_exec:file rx_file_perms; + +# Talk to init over the property socket +unix_socket_connect(variant_setup, property, init) + +# Allow getprop/setprop for init.espresso.variant.sh +allow variant_setup system_file:file execute_no_trans; +allow variant_setup rotation_prop:property_service set; + +# Set accelerometer and geomagnetic position via sysfs +allow variant_setup sysfs:file write; + +allow variant_setup self:capability dac_override; |