4c0259d5c7
A number of things have changed, such as how the linkerconfig is managed. Update permissions to reflect the changes. Bug: 181182967 Test: Manual OTA of cuttlefish Change-Id: I32207eb7c5653969e5cef4830e18f8c8fb330026
22 lines
814 B
Text
22 lines
814 B
Text
type linkerconfig, domain, coredomain;
|
|
type linkerconfig_exec, exec_type, file_type, system_file_type;
|
|
|
|
init_daemon_domain(linkerconfig)
|
|
|
|
## Read and write linkerconfig subdirectory.
|
|
allow linkerconfig linkerconfig_file:dir create_dir_perms;
|
|
allow linkerconfig linkerconfig_file:file create_file_perms;
|
|
|
|
# Allow linkerconfig to log to the kernel.
|
|
allow linkerconfig kmsg_device:chr_file w_file_perms;
|
|
|
|
# Allow linkerconfig to be invoked with logwrapper from init.
|
|
allow linkerconfig devpts:chr_file { read write };
|
|
|
|
# Allow linkerconfig to scan for apex modules
|
|
allow linkerconfig apex_mnt_dir:dir r_dir_perms;
|
|
|
|
# Allow linkerconfig to read apex-info-list.xml
|
|
allow linkerconfig apex_info_file:file r_file_perms;
|
|
|
|
neverallow { domain -init -linkerconfig -otapreopt_chroot } linkerconfig_exec:file no_x_file_perms;
|