9cd2abc2a2
If cppreopts.sh failed to copy files for some reason it would leave the temporary files sitting around in the data directory. This changes the selinux rules so that cppreopts is able to get rid of these temporary files. Test: phone boots. Bug: 63995897 Change-Id: I2a7e654c3a3cee7c9f0be8ba64e40c365eee4cfe
22 lines
838 B
Text
22 lines
838 B
Text
# cppreopts
|
|
#
|
|
# This command copies preopted files from the system_b partition to the data
|
|
# partition. This domain ensures that we are only copying into specific
|
|
# directories.
|
|
|
|
type cppreopts, domain, mlstrustedsubject;
|
|
type cppreopts_exec, exec_type, file_type;
|
|
|
|
# Allow cppreopts copy files into the dalvik-cache
|
|
allow cppreopts dalvikcache_data_file:dir { add_name remove_name search write };
|
|
allow cppreopts dalvikcache_data_file:file { create getattr open read rename write unlink };
|
|
|
|
# Allow cppreopts to execute itself using #!/system/bin/sh
|
|
allow cppreopts shell_exec:file rx_file_perms;
|
|
|
|
# Allow us to run find on /postinstall
|
|
allow cppreopts system_file:dir { open read };
|
|
|
|
# Allow running the cp command using cppreopts permissions. Needed so we can
|
|
# write into dalvik-cache
|
|
allow cppreopts toolbox_exec:file rx_file_perms;
|