Merge changes I1bbf480c,Icf2059cc

* changes:
  Allow search permission on apex data directories.
  Change ownership of apex data directories to root.
This commit is contained in:
Oli Lan 2020-01-17 17:20:36 +00:00 committed by Gerrit Code Review
commit 701a99834f

View file

@ -121,7 +121,7 @@ static bool rmrf_contents(const std::string& path) {
} }
static bool prepare_apex_subdirs(struct selabel_handle* sehandle, const std::string& path) { static bool prepare_apex_subdirs(struct selabel_handle* sehandle, const std::string& path) {
if (!prepare_dir(sehandle, 0700, 0, 0, path + "/apexdata")) return false; if (!prepare_dir(sehandle, 0711, 0, 0, path + "/apexdata")) return false;
auto dirp = std::unique_ptr<DIR, int (*)(DIR*)>(opendir("/apex"), closedir); auto dirp = std::unique_ptr<DIR, int (*)(DIR*)>(opendir("/apex"), closedir);
if (!dirp) { if (!dirp) {
@ -138,7 +138,7 @@ static bool prepare_apex_subdirs(struct selabel_handle* sehandle, const std::str
if (strchr(name, '@') != NULL) continue; if (strchr(name, '@') != NULL) continue;
if (!prepare_dir(sehandle, 0700, AID_SYSTEM, AID_SYSTEM, path + "/apexdata/" + name)) { if (!prepare_dir(sehandle, 0771, AID_ROOT, AID_SYSTEM, path + "/apexdata/" + name)) {
return false; return false;
} }
} }