diff options
author | William Roberts <w.roberts@sta.samsung.com> | 2013-01-23 14:05:04 -0800 |
---|---|---|
committer | Ricardo Cerqueira <cyanogenmod@cerqueira.org> | 2013-07-18 20:38:39 +0100 |
commit | cef72200a7f11a85743c452fd5cc77b9b5bc9bc9 (patch) | |
tree | 59df511729bd120b37089b3752ca0ee0356fcbc6 | |
parent | 0cbf7ea544af6fe190ee158528d9671b063a9e4a (diff) | |
download | system_core-cef72200a7f11a85743c452fd5cc77b9b5bc9bc9.zip system_core-cef72200a7f11a85743c452fd5cc77b9b5bc9bc9.tar.gz system_core-cef72200a7f11a85743c452fd5cc77b9b5bc9bc9.tar.bz2 |
Create a new location for /data policy files
Updating the location of policy files from
/data/system to /data/securtiy. Requires a
new directory to be created by init and an
update to the location of the
property_contexts file for property service.
Change-Id: Ibac2a84dfb403339bd169787cb5b7f24655be429
-rwxr-xr-x | init/init.c | 2 | ||||
-rwxr-xr-x | init/property_service.c | 2 | ||||
-rw-r--r-- | rootdir/init.rc | 3 |
3 files changed, 5 insertions, 2 deletions
diff --git a/init/init.c b/init/init.c index 276de75..b2c8012 100755 --- a/init/init.c +++ b/init/init.c @@ -802,7 +802,7 @@ static int bootchart_init_action(int nargs, char **args) #ifdef HAVE_SELINUX static const struct selinux_opt seopts_prop[] = { - { SELABEL_OPT_PATH, "/data/system/property_contexts" }, + { SELABEL_OPT_PATH, "/data/security/property_contexts" }, { SELABEL_OPT_PATH, "/property_contexts" }, { 0, NULL } }; diff --git a/init/property_service.c b/init/property_service.c index 1d812df..225d7e8 100755 --- a/init/property_service.c +++ b/init/property_service.c @@ -93,7 +93,7 @@ struct { { "log.", AID_SHELL, 0 }, { "service.adb.root", AID_SHELL, 0 }, { "service.adb.tcp.port", AID_SHELL, 0 }, - { "persist.mac_enforcing_mode", AID_SYSTEM, 0 }, + { "persist.mmac.", AID_SYSTEM, 0 }, { "persist.sys.", AID_SYSTEM, 0 }, { "persist.service.", AID_SYSTEM, 0 }, { "persist.service.", AID_RADIO, 0 }, diff --git a/rootdir/init.rc b/rootdir/init.rc index 8a072d5..cc3f0f9 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -260,6 +260,9 @@ on post-fs-data # the following directory. mkdir /data/drm 0770 drm drm + # Separate location for storing security policy files on data + mkdir /data/security 0600 system system + # If there is no fs-post-data action in the init.<device>.rc file, you # must uncomment this line, otherwise encrypted filesystems # won't work. |