Label /vendor_file_contexts as file_contexts_file
vendor_init doesn't have permissions to read rootfs labeled files, but needs to read /vendor_file_contexts to do restorecon correctly. This file is a file_contexts file, so labeling it as such seems appropriate. Test: bullhead + vendor_init doesn't hit this audit Change-Id: I1f2cf7dd7de17806ac0f1dfe2483fb6d6659939b
This commit is contained in:
Tom Cherry
parent
bc24ba7283
commit
ecc4868f71
1 changed files with 1 additions and 0 deletions
|
|
@ -38,6 +38,7 @@
|
|||
/sdcard u:object_r:rootfs:s0
|
||||
|
||||
# SELinux policy files
|
||||
/vendor_file_contexts u:object_r:file_contexts_file:s0
|
||||
/nonplat_file_contexts u:object_r:file_contexts_file:s0
|
||||
/plat_file_contexts u:object_r:file_contexts_file:s0
|
||||
/mapping_sepolicy\.cil u:object_r:sepolicy_file:s0
|
||||
|
|
|
|||
Loading…
Reference in a new issue