diff options
author | Ricardo Cerqueira <ricardo@cyngn.com> | 2015-06-16 02:17:56 +0100 |
---|---|---|
committer | Ricardo Cerqueira <ricardo@cyngn.com> | 2015-06-16 02:17:56 +0100 |
commit | 1d7bc1d6cd9a88943acdc202150a1984d67a82be (patch) | |
tree | ab21f45cddac2c8e345898569ff941c2a860f1ab /vold.te | |
parent | d2a9e973cd087b936df9ac2592f1e01468bbbec4 (diff) | |
download | android_external_sepolicy-1d7bc1d6cd9a88943acdc202150a1984d67a82be.tar.gz android_external_sepolicy-1d7bc1d6cd9a88943acdc202150a1984d67a82be.tar.bz2 android_external_sepolicy-1d7bc1d6cd9a88943acdc202150a1984d67a82be.zip |
domain: Restore original neverallow rules for shipping builds
MR1 CTS validates the integrity of neverallow rules, so we can't
change them
Fixes android.cts.security.SELinuxNeverallowRulesTest#testNeverallowRules82
Change-Id: If8d3e26355a0774edee60ac9293a58eb48dc1b48
Diffstat (limited to 'vold.te')
-rw-r--r-- | vold.te | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -13,7 +13,9 @@ allow vold devpts:chr_file rw_file_perms; allow vold rootfs:dir mounton; allow vold sdcard_type:dir mounton; allow vold sdcard_type:filesystem { mount remount unmount }; -allow vold sdcard_posix:filesystem { relabelto relabelfrom }; +ifelse(shipping_build, `true', , + allow vold sdcard_posix:filesystem { relabelto relabelfrom }; +) allow vold labeledfs:filesystem { relabelfrom }; allow vold sdcard_type:dir create_dir_perms; allow vold sdcard_type:file create_file_perms; |