aboutsummaryrefslogtreecommitdiffstats
path: root/system_server.te
diff options
context:
space:
mode:
authorJim Miller <jaggies@google.com>2015-05-21 17:42:09 -0700
committerJim Miller <jaggies@google.com>2015-05-21 17:43:28 -0700
commita39b131e9db1fed7e5ce90174f19515f465c8739 (patch)
tree060f4b8b09e018d0021a979cb28e512b1a4a7f6a /system_server.te
parent5d78c07d4a463ec5ed0403850be718de670c9e97 (diff)
downloadandroid_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.tar.gz
android_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.tar.bz2
android_external_sepolicy-a39b131e9db1fed7e5ce90174f19515f465c8739.zip
Selinux: Allow system_server to create fpdata dir.
Fixes avc errors; avc: denied { relabelto } for name="fpdata" dev="mmcblk0p28" ino=586465 scontext=u:r:system_server:s0 tcontext=u:object_r:fingerprintd_data_file:s0 tclass=dir permissive=0 avc: denied { read } for name="fpdata" dev="mmcblk0p28" ino=586409 scontext=u:r:system_server:s0 tcontext=u:object_r:fingerprintd_data_file:s0 tclass=dir permissive=0 Change-Id: I3ba16af14632d803e09ac1490af9a0b652cba3a6
Diffstat (limited to 'system_server.te')
-rw-r--r--system_server.te3
1 files changed, 3 insertions, 0 deletions
diff --git a/system_server.te b/system_server.te
index 150103e..d345749 100644
--- a/system_server.te
+++ b/system_server.te
@@ -429,6 +429,9 @@ allow system_server sdcard_type:dir { getattr search };
# Traverse into expanded storage
allow system_server mnt_expand_file:dir r_dir_perms;
+# Allow system process to relabel the fingerprint directory after mkdir
+allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto};
+
###
### Neverallow rules
###
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 00:13:04 +0000