diff options
author | Steven Lay <arbiter1000@gmail.com> | 2017-07-20 09:05:34 +0000 |
---|---|---|
committer | Steven Lay <arbiter1000@gmail.com> | 2017-07-21 02:54:51 +0000 |
commit | 768059d27a85eb9be40b6c9570193d9a9cb8ba72 (patch) | |
tree | 0e8b69437cbb6d0182fde1a9f7bbc3c887c9e88f /sepolicy | |
parent | 370c2bcd6bb97083881ed7da13f9958b88d7411c (diff) |
shinano-common: fix selinux denial in credmgrd
Fixes the denial:
avc: denied { append } for pid=327 comm="credmgrfirstboo" name=
"credmgr.log" dev="mmcblk0p24" ino=12 scontext=u:r:credmgrd:s0
tcontext=u:object_r:cache_file:s0 tclass=file permissive=0
Also fixes issue with camera not working on first boot on aries.
Change-Id: I726ff6a30745929f01f62d8504e0e0621e414ad7
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/credmgrd.te | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te index 5383834..78db47a 100644 --- a/sepolicy/credmgrd.te +++ b/sepolicy/credmgrd.te @@ -59,7 +59,7 @@ allow credmgrd ion_device:chr_file { ioctl open read }; #============= credmgr init script ============== allow credmgrd cache_file:dir { add_name search }; -allow credmgrd cache_file:file { create getattr open read unlink write }; +allow credmgrd cache_file:file { append create getattr open read unlink write }; allow credmgrd credmgrd_data_file:dir { add_name getattr relabelto reparent rename rmdir search }; allow credmgrd credmgrd_data_file:file { append getattr open read unlink write }; allow credmgrd credmgrd_prop:property_service set; |