From 1e54bacfe08df2ac549b39415b9852cad7acac67 Mon Sep 17 00:00:00 2001 From: Arian Date: Tue, 20 Aug 2019 17:19:38 +0200 Subject: shinano-common: sepolicy: Allow credmgrd to create files in cache --- sepolicy/bluetooth.te | 2 +- sepolicy/credmgrd.te | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sepolicy/bluetooth.te b/sepolicy/bluetooth.te index bea11a3..cd74b06 100644 --- a/sepolicy/bluetooth.te +++ b/sepolicy/bluetooth.te @@ -1,4 +1,4 @@ allow bluetooth hci_attach_dev:chr_file { open read write }; allow bluetooth ta_data_file:file { open read }; allow bluetooth ta_data_file:dir { search }; - +allow bluetooth storage_stub_file:dir { getattr }; diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te index b354cda..d82ddac 100644 --- a/sepolicy/credmgrd.te +++ b/sepolicy/credmgrd.te @@ -60,7 +60,7 @@ allow credmgrd ion_device:chr_file { ioctl open read }; #============= credmgr init script ============== allow credmgrd cache_file:dir { add_name search }; -allow credmgrd cache_file:file { append create getattr open read unlink write }; +allow credmgrd cache_file:file { create_file_perms }; allow credmgrd credmgrd_data_file:dir { add_name getattr relabelto reparent rename rmdir search }; allow credmgrd credmgrd_data_file:file { append getattr open read unlink write }; allow credmgrd credmgrd_prop:property_service set; -- cgit v1.2.3