diff options
| author | rogersb11 <brettrogers11@gmail.com> | 2015-11-12 04:51:38 -0500 |
|---|---|---|
| committer | Brett Rogers <brettrogers11@gmail.com> | 2015-12-02 09:54:17 -0800 |
| commit | 04de314e155a00e7299305c6f0ca05fd47045926 (patch) | |
| tree | 6ca57022949b1aab04a7573b5b54a370ab4c5b96 /selinux/init.te | |
| parent | 5b06fdd56bba9aeee7959794217d296c47d48945 (diff) | |
| download | device_samsung_t0lte-04de314e155a00e7299305c6f0ca05fd47045926.tar.gz device_samsung_t0lte-04de314e155a00e7299305c6f0ca05fd47045926.tar.bz2 device_samsung_t0lte-04de314e155a00e7299305c6f0ca05fd47045926.zip | |
Update sepolicy for M (WIP)
Change-Id: I668e299e7c6d9927144e3eedf59d559dfa8d0b23
Diffstat (limited to 'selinux/init.te')
| -rw-r--r-- | selinux/init.te | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/selinux/init.te b/selinux/init.te index 2fdff9a..77e8963 100644 --- a/selinux/init.te +++ b/selinux/init.te @@ -1,14 +1,17 @@ allow init wpa_socket:unix_dgram_socket { bind create }; -allow init su_exec:file { execute_no_trans }; +#allow init su_exec:file { execute_no_trans }; allow init init:process { execmem }; allow init init:capability { sys_module }; allow init radio_efs_file:filesystem { relabelto }; allow init app_data_file:dir { read open setattr getattr relabelfrom }; -allow init_shell kernel:system { syslog_mod }; +allow init kernel:system syslog_read; allow init init:packet_socket { create bind write read }; allow init init:rawip_socket { create setopt write }; -allow init_shell init:packet_socket { read write }; - - +#allow init_shell init:packet_socket { read write }; +allow init log_device:chr_file { write }; +allow init kernel:system { module_request }; +#allow init system_file:file execute_no_trans; +allow init block_device:lnk_file { setattr }; +domain_trans(init, rootfs, SMD-daemon) |