diff options
author | Jeff Sharkey <jsharkey@android.com> | 2015-04-11 22:10:20 -0700 |
---|---|---|
committer | Jeff Sharkey <jsharkey@android.com> | 2015-04-11 22:21:50 -0700 |
commit | 3acec6fa1784cb44055b304c4a01ebb391468c31 (patch) | |
tree | d4eaa767f4dffb0b6580d9dd15a3d8a5d9723809 /sdcardd.te | |
parent | 03a6f64f9568e2c58eb043463a5b4ff1cf10bef6 (diff) | |
download | android_external_sepolicy-3acec6fa1784cb44055b304c4a01ebb391468c31.tar.gz android_external_sepolicy-3acec6fa1784cb44055b304c4a01ebb391468c31.tar.bz2 android_external_sepolicy-3acec6fa1784cb44055b304c4a01ebb391468c31.zip |
Allow sdcard daemon to run above expanded storage.
We have a /media directory on expanded storage that behaves just
like internal storage, and has a FUSE daemon running above it.
avc: denied { search } for name="expand" dev="tmpfs" ino=3130 scontext=u:r:sdcardd:s0 tcontext=u:object_r:mnt_expand_file:s0 tclass=dir permissive=0
Bug: 19993667
Change-Id: I771ecb8f2808c48ccf4139ac9cfc2a48a2332fec
Diffstat (limited to 'sdcardd.te')
-rw-r--r-- | sdcardd.te | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -28,3 +28,6 @@ allow sdcardd install_data_file:file r_file_perms; # Allow stdin/out back to vold allow sdcardd vold:fd use; allow sdcardd vold:fifo_file { read write getattr }; + +# Allow running on top of expanded storage +allow sdcardd mnt_expand_file:dir search; |