diff options
| author | Arian <arian.kulmer@web.de> | 2021-04-06 19:29:03 +0200 |
|---|---|---|
| committer | Arian <arian.kulmer@web.de> | 2021-04-07 11:50:33 +0200 |
| commit | e99db13236bc8ac3471fcb22e81178fc423679eb (patch) | |
| tree | d13113be29fdb04c693b323ae6d2e58ea8d28893 /sepolicy | |
| parent | 0950b9cb5eeddcc776a656c87cdf0d97d36e961e (diff) | |
shinano-common: rootdir: Introduce a service to start suntrold
* suntrold is a oneshot service and spawns a subprocess which is required
for the rear camera. Since [1] oneshot services' process groups are
killed which prevents suntrold from working correctly.
* To work this issue around create a non-oneshot service, suntrold.sh, which
never exits, so that suntrold can be started from it and it's subprocesses
will not be killed.
[1] https://github.com/aosp-mirror/platform_system_core/commit/d89ed132a0ee1a57046286b83e64a35b71774952
[Idea of this is from LuK1337]
Co-authored-by: LuK1337 <priv.luk@gmail.com>
Change-Id: Id9c4f56648168f0ffe19b2bb31c591750afe6f97
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/credmgrd.te | 3 | ||||
| -rw-r--r-- | sepolicy/dontaudit.te | 2 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 1 |
3 files changed, 5 insertions, 1 deletions
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te index 2b61930..38edd9f 100644 --- a/sepolicy/credmgrd.te +++ b/sepolicy/credmgrd.te @@ -18,4 +18,7 @@ allow credmgrd system_data_root_file:dir { create_dir_perms relabelfrom }; allow credmgrd credmgrd_data_file:dir { create_dir_perms relabelto }; allow credmgrd credmgrd_data_file:file create_file_perms; +# Allow suntrold.sh to start suntrold +allow credmgrd credmgrd_exec:file rx_file_perms; + set_prop(credmgrd, credmgrd_prop) diff --git a/sepolicy/dontaudit.te b/sepolicy/dontaudit.te index 2ddef4b..faf73b3 100644 --- a/sepolicy/dontaudit.te +++ b/sepolicy/dontaudit.te @@ -1 +1 @@ -dontaudit domain credmgrd_exec:file *; +dontaudit { domain -credmgrd } credmgrd_exec:file *; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index d95a492..d953062 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -18,6 +18,7 @@ /(vendor|system/vendor)/bin/credmgrd u:object_r:credmgrd_exec:s0 /(vendor|system/vendor)/bin/credmgrfirstboot\.sh u:object_r:credmgrd_exec:s0 /(vendor|system/vendor)/bin/suntrold u:object_r:credmgrd_exec:s0 +/(vendor|system/vendor)/bin/suntrold.sh u:object_r:credmgrd_exec:s0 # Lineage hardware /(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.shinano u:object_r:hal_lineage_touch_default_exec:s0 |