Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit af0a1f87 authored by Tom Cherry's avatar Tom Cherry
Browse files

Label /vendor_file_contexts as file_contexts_file 

vendor_init doesn't have permissions to read rootfs labeled files, but
needs to read /vendor_file_contexts to do restorecon correctly.  This
file is a file_contexts file, so labeling it as such seems appropriate.

Test: bullhead + vendor_init doesn't hit this audit
Change-Id: I475e9735616c2426b9c7073700272f878ced2135
parent f09649c2

init/selinux.cpp

+1 −0
Original line number Diff line number Diff line
@@ -420,6 +420,7 @@ void SelinuxRestoreContext() { 


    selinux_android_restorecon("/plat_file_contexts", 0);

    selinux_android_restorecon("/nonplat_file_contexts", 0);

    selinux_android_restorecon("/vendor_file_contexts", 0);

    selinux_android_restorecon("/plat_property_contexts", 0);

    selinux_android_restorecon("/nonplat_property_contexts", 0);

    selinux_android_restorecon("/plat_seapp_contexts", 0);