diff options
author | Jim Miller <jaggies@google.com> | 2015-05-21 17:42:09 -0700 |
---|---|---|
committer | Jim Miller <jaggies@google.com> | 2015-05-21 17:43:28 -0700 |
commit | a39b131e9db1fed7e5ce90174f19515f465c8739 (patch) | |
tree | 060f4b8b09e018d0021a979cb28e512b1a4a7f6a /system_server.te | |
parent | 5d78c07d4a463ec5ed0403850be718de670c9e97 (diff) | |
download | android_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.tar.gz android_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.tar.bz2 android_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.zip |
Selinux: Allow system_server to create fpdata dir.
Fixes avc errors;
avc: denied { relabelto } for name="fpdata" dev="mmcblk0p28" ino=586465 scontext=u:r:system_server:s0 tcontext=u:object_r:fingerprintd_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="fpdata" dev="mmcblk0p28" ino=586409 scontext=u:r:system_server:s0 tcontext=u:object_r:fingerprintd_data_file:s0 tclass=dir permissive=0
Change-Id: I3ba16af14632d803e09ac1490af9a0b652cba3a6
Diffstat (limited to 'system_server.te')
-rw-r--r-- | system_server.te | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/system_server.te b/system_server.te index 150103e..d345749 100644 --- a/system_server.te +++ b/system_server.te @@ -429,6 +429,9 @@ allow system_server sdcard_type:dir { getattr search }; # Traverse into expanded storage allow system_server mnt_expand_file:dir r_dir_perms; +# Allow system process to relabel the fingerprint directory after mkdir +allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto}; + ### ### Neverallow rules ### |