Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dce8ba25 authored by Eric Biggers's avatar Eric Biggers
Browse files

init.rc: restorecon /data/media before chattr 

The SELinux type of /data/media has changed from media_rw_data_file to
media_userdir_file, but the recursive restorecon of /data happens too
late when taking an upgrade.  Add a restorecon of /data/media to just
above the chattr command which needs the new label to be allowed.  This
doesn't "really" matter, since the chattr command is only needed just
after the directory was created anyway, but this fixes a SELinux denial.

Bug: 156305599
Bug: 232824121
Change-Id: I897be19ceb4686511469bdf7efda2483f298eee4
parent 9fcf0002

rootdir/init.rc

+5 −1
Original line number Diff line number Diff line
@@ -922,7 +922,6 @@ on post-fs-data 
    # contain any subdirectories other than the per-user ones.  /data/media/obb

    # is an exception that exists for legacy reasons.

    mkdir /data/media 0770 media_rw media_rw encryption=None

    exec - media_rw media_rw -- /system/bin/chattr +F /data/media

    mkdir /data/misc_ce 01771 system misc encryption=None

    mkdir /data/misc_de 01771 system misc encryption=None

    mkdir /data/system_ce 0770 system system encryption=None
@@ -932,6 +931,11 @@ on post-fs-data 
    mkdir /data/vendor_ce 0771 root root encryption=None

    mkdir /data/vendor_de 0771 root root encryption=None



    # Set the casefold flag on /data/media.  For upgrades, a restorecon can be

    # needed first to relabel the directory from media_rw_data_file.

    restorecon /data/media

    exec - media_rw media_rw -- /system/bin/chattr +F /data/media



    # A tmpfs directory, which will contain all apps CE DE data directory that

    # bind mount from the original source.

    mount tmpfs tmpfs /data_mirror nodev noexec nosuid mode=0700,uid=0,gid=1000