diff options
| author | Matt Mower <mowerm@gmail.com> | 2015-12-27 12:26:23 -0600 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@cyanogenmod.org> | 2016-01-02 02:07:18 -0800 |
| commit | 511152cd2c67e7f965fdbf451111522f898a2584 (patch) | |
| tree | 17dd10b5ab527a716b476a2011e7183b821642e8 /sepolicy | |
| parent | 14e765cd711b2b6473f0c553a6f374818fe46293 (diff) | |
| download | vendor_replicant-511152cd2c67e7f965fdbf451111522f898a2584.zip vendor_replicant-511152cd2c67e7f965fdbf451111522f898a2584.tar.gz vendor_replicant-511152cd2c67e7f965fdbf451111522f898a2584.tar.bz2 | |
sepolicy: Allow minivold execute_no_trans
After assimilating minivold into /sbin/recovery, we need to allow the
minivold service (a symlink to the recovery binary) to transition from
the recovery to the vold domain.
Change-Id: I112e6d371a8da8fc55a06967852c869105190616
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/vold.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sepolicy/vold.te b/sepolicy/vold.te index efca286..0c50c71 100644 --- a/sepolicy/vold.te +++ b/sepolicy/vold.te @@ -13,6 +13,7 @@ allow vold self:capability { setgid setuid }; # Vold can also run as minivold in the rootfs recovery_only(` allow vold rootfs:dir { add_name write }; + allow vold rootfs:file execute_no_trans; ') # External storage |