
Commit 175d0d96 authored by Stephen Smalley's avatar Stephen Smalley Committed by Steve Kondik

Allow system UID to setenforce and set booleans for SELinux.

Allow system UID to setenforce and set booleans for SELinux.
Boolean ownerships must also be reset upon policy reload as
the boolean files in selinuxfs are regenerated to match the new policy.
parent 8e7923c1
+10 −0
@@ -25,6 +25,14 @@ on early-init
    # Create mountpoint so Dalvik can mark as slave in zygotes.
    # Create mountpoint so Dalvik can mark as slave in zygotes.
    mount tmpfs tmpfs /storage mode=0050,uid=0,gid=1028
    mount tmpfs tmpfs /storage mode=0050,uid=0,gid=1028


    # Allow system UID to setenforce and set booleans.
    chown system system /selinux/enforce
    chown system system /sys/fs/selinux/enforce
    chown -R system system /selinux/booleans
    chown -R system system /sys/fs/selinux/booleans
    chown system system /selinux/commit_pending_bools
    chown system system /sys/fs/selinux/commit_pending_bools

on init
on init


sysclktz 0
sysclktz 0
@@ -491,6 +499,8 @@ service ueventd /sbin/ueventd
on property:selinux.reload_policy=1
on property:selinux.reload_policy=1
    restart ueventd
    restart ueventd
    restart installd
    restart installd
    chown -R system system /selinux/booleans
    chown -R system system /sys/fs/selinux/booleans


service console /system/bin/sh
service console /system/bin/sh
    class core
    class core
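Review bot: The two `chown system system …/enforce` lines in the early-init hunk (whose `on early-init` block begins above the hunk) hand the enforcing-mode switch to every process running as the system UID, so file ownership stops being a barrier to turning enforcement off and the policy's own check on setenforce and boolean writes becomes the only gate. I would state that dependency next to the change, e.g. `# DAC ownership only; policy must still limit setenforce/setbool to the intended system domain.`, and confirm the policy actually does so. The `chown -R` form, used here and in the `selinux.reload_policy` hunk, relies on init's chown builtin accepting a recursive flag, which is not visible on this page and should be verified, since a rejected command would leave the booleans root-owned without any obvious failure. Both the `/selinux` and `/sys/fs/selinux` paths are chowned unconditionally, so presumably one of each pair fails on any given device; a short comment saying that is expected would help.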