diff options
author | nailyk-fr <nailyk_git@nailyk.fr> | 2017-04-28 16:46:44 +0200 |
---|---|---|
committer | nailyk-fr <nailyk_git@nailyk.fr> | 2017-05-10 11:14:37 +0000 |
commit | 765df75917ac3fe3da5d1dd092d8c33c0983f9d6 (patch) | |
tree | 6eafdc0fe9065bc52101b429ff2fe3880f8e0c72 /sepolicy/credmgrd.te | |
parent | 092690fcb0ddfbc8c6d3c86103d2a6d1016ac44a (diff) |
shinano-common: sepolicy: Solve encryption
Change-Id: I078576ec339adcf935b47034f6c5faed429339f5
Diffstat (limited to 'sepolicy/credmgrd.te')
-rw-r--r-- | sepolicy/credmgrd.te | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te index 929a2ab..662b76d 100644 --- a/sepolicy/credmgrd.te +++ b/sepolicy/credmgrd.te @@ -61,15 +61,15 @@ allow credmgrd ion_device:chr_file { ioctl open read }; #============= credmgr init script ============== allow credmgrd cache_file:dir { add_name search }; -allow credmgrd cache_file:file { create getattr open read unlink write }; -allow credmgrd credmgrd_data_file:dir { getattr relabelto reparent rename rmdir search }; -allow credmgrd devpts:chr_file { getattr ioctl open read write }; +allow credmgrd credmgrd_data_file:dir { add_name getattr relabelto reparent rename rmdir search }; +allow credmgrd credmgrd_data_file:file { append getattr open read unlink write }; +allow credmgrd credmgrd_prop:property_service set; +allow credmgrd init:unix_stream_socket connectto; allow credmgrd property_socket:sock_file write; allow credmgrd shell_exec:file { getattr read }; -allow credmgrd system_data_file:dir { add_name remove_name write }; allow credmgrd system_file:file execute_no_trans; allow credmgrd system_prop:property_service set; -allow credmgrd system_data_file:dir { create relabelfrom setattr }; +allow credmgrd system_data_file:dir { add_name create relabelfrom remove_name setattr write }; #TODO: wrong labeled on dest socket? allow credmgrd init:unix_stream_socket connectto; |