diff options
author | Jeff Sharkey <jsharkey@android.com> | 2015-06-09 11:02:55 -0700 |
---|---|---|
committer | Jeff Sharkey <jsharkey@android.com> | 2015-06-09 13:39:17 -0700 |
commit | 76417519ec7b361604f4977b9ad238d0a276c49d (patch) | |
tree | e0f50d7717be5da1e85eb92a03cf4efd65c08ef6 /init | |
parent | 03196c9c7566bc8d6b05019d37a1e60dc3b398f4 (diff) | |
download | system_core-76417519ec7b361604f4977b9ad238d0a276c49d.zip system_core-76417519ec7b361604f4977b9ad238d0a276c49d.tar.gz system_core-76417519ec7b361604f4977b9ad238d0a276c49d.tar.bz2 |
New "selinux.restorecon" control property.
This new property is used as a control verb for running a recursive
restorecon at the path contained in the property value.
Shifts both SELinux actions to occur before the actual property set
occurs, so setters can watch for completion.
Bug: 21121357
Change-Id: I3db3eb876ae66e144b3bfd648349b66a028511fd
Diffstat (limited to 'init')
-rw-r--r-- | init/property_service.cpp | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/init/property_service.cpp b/init/property_service.cpp index 0ee0351..c2881ae 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -205,6 +205,16 @@ static int property_set_impl(const char* name, const char* value) { if (!is_legal_property_name(name, namelen)) return -1; if (valuelen >= PROP_VALUE_MAX) return -1; + if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) { + if (selinux_reload_policy() != 0) { + ERROR("Failed to reload policy\n"); + } + } else if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) { + if (restorecon_recursive(value) != 0) { + ERROR("Failed to restorecon_recursive %s\n", value); + } + } + prop_info* pi = (prop_info*) __system_property_find(name); if(pi != 0) { @@ -236,9 +246,6 @@ static int property_set_impl(const char* name, const char* value) { * to prevent them from being overwritten by default values. */ write_persistent_property(name, value); - } else if (strcmp("selinux.reload_policy", name) == 0 && - strcmp("1", value) == 0) { - selinux_reload_policy(); } property_changed(name, value); return 0; |