summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArian <arian.kulmer@web.de>2019-08-20 17:19:38 +0200
committerArian <arian.kulmer@web.de>2019-10-07 11:07:17 +0200
commit1e54bacfe08df2ac549b39415b9852cad7acac67 (patch)
tree58d6f2808daf69636a3279708871456c2c71968b
parenta152154ec26cece2b38160901bbf9d29231b9457 (diff)
shinano-common: sepolicy: Allow credmgrd to create files in cache
-rw-r--r--sepolicy/bluetooth.te2
-rw-r--r--sepolicy/credmgrd.te2
2 files changed, 2 insertions, 2 deletions
diff --git a/sepolicy/bluetooth.te b/sepolicy/bluetooth.te
index bea11a3..cd74b06 100644
--- a/sepolicy/bluetooth.te
+++ b/sepolicy/bluetooth.te
@@ -1,4 +1,4 @@
allow bluetooth hci_attach_dev:chr_file { open read write };
allow bluetooth ta_data_file:file { open read };
allow bluetooth ta_data_file:dir { search };
-
+allow bluetooth storage_stub_file:dir { getattr };
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te
index b354cda..d82ddac 100644
--- a/sepolicy/credmgrd.te
+++ b/sepolicy/credmgrd.te
@@ -60,7 +60,7 @@ allow credmgrd ion_device:chr_file { ioctl open read };
#============= credmgr init script ==============
allow credmgrd cache_file:dir { add_name search };
-allow credmgrd cache_file:file { append create getattr open read unlink write };
+allow credmgrd cache_file:file { create_file_perms };
allow credmgrd credmgrd_data_file:dir { add_name getattr relabelto reparent rename rmdir search };
allow credmgrd credmgrd_data_file:file { append getattr open read unlink write };
allow credmgrd credmgrd_prop:property_service set;