Merge "Fix selinux denials when applying updates in recovery."
This commit is contained in:
David Anderson
Gerrit Code Review
commit
0f0fbd44f9
1 changed files with 4 additions and 0 deletions
|
|
@ -138,6 +138,10 @@ recovery_only(`
|
|||
# This line seems suspect, as it should not really need to
|
||||
# set scheduling parameters for a kernel domain task.
|
||||
allow recovery kernel:process setsched;
|
||||
|
||||
# These are needed to update dynamic partitions in recovery.
|
||||
r_dir_file(recovery, sysfs_dm)
|
||||
allowxperm recovery super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };
|
||||
')
|
||||
|
||||
###
|
||||
|
|
|
|||
Loading…
Reference in a new issue