tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

su.te: add filesystem dontaudit rule

Browse source 
Addresses su denials which occur when mounting filesystems not
defined by policy.

Addresses denials similar to:

  avc: denied { mount } for pid=12361 comm="mount" name="/" dev="binfmt_misc" ino=1 scontext=u:r:su:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=1

Change-Id: Ifa0d7c781152f9ebdda9534ac3a04da151f8d78e
This commit is contained in:
Nick Kralevich 2015-04-15 17:58:08 -07:00
parent e96c3abe2e
commit 85416e06a5
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
su.te
View file

@ -49,5 +49,6 @@ userdebug_or_eng(`
dontaudit su keystore:keystore_key *;
dontaudit su domain:debuggerd *;
dontaudit su domain:drmservice *;
dontaudit su unlabeled:filesystem *;
service_manager_local_audit_domain(su)
')