recovery: remove auditallow for exec_type:dir writes
With the move to block based OTAs, we're never going to fix this bug. Remove the auditallow statement to avoid SELinux log spam. Bug: 15575013 Change-Id: I7864e87202b1b70020a8bdf3ef327a2cf4b6bfbd
This commit is contained in:
Nick Kralevich
parent
92b10ddb47
commit
b76966d65d
1 changed files with 2 additions and 4 deletions
|
|
@ -36,11 +36,9 @@ recovery_only(`
|
|||
# support to OTAs. However, that code has a bug. When an update occurs,
|
||||
# some directories are inappropriately labeled as exec_type. This is
|
||||
# only transient, and subsequent steps in the OTA script correct this
|
||||
# mistake.
|
||||
# Allow this behavior for now until we can fix the underlying bug.
|
||||
# b/15575013
|
||||
# mistake. New devices are moving to block based OTAs, so this is not
|
||||
# worth fixing. b/15575013
|
||||
allow recovery exec_type:dir { create_dir_perms relabelfrom relabelto };
|
||||
auditallow recovery exec_type:dir { create_dir_perms relabelfrom relabelto };
|
||||
|
||||
# Write to /proc/sys/vm/drop_caches
|
||||
# TODO: create more specific label?
|
||||
|
|
|
|||
Loading…
Reference in a new issue