Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit deb41e51 authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Set security context of /adb_keys and /data/misc/adb/adb_keys. 



I97b3d86a69681330bba549491a2fb39df6cf20ef introduced a separate type
for the adb_keys file.  Set the security context of the adb_keys file
accordingly by adding restorecon commands to init.rc.

Change-Id: I30e4d2a1ae223a03eadee58a883c79932fff59fe
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent 61afb07b

rootdir/init.rc

+7 −0
Original line number Original line Diff line number Diff line
@@ -16,6 +16,9 @@ on early-init 
    # This should occur before anything else (e.g. ueventd) is started.

    # This should occur before anything else (e.g. ueventd) is started.

    setcon u:r:init:s0

    setcon u:r:init:s0





    # Set the security context of /adb_keys if present.

    restorecon /adb_keys



    start ueventd

    start ueventd





# create mountpoints

# create mountpoints
@@ -208,6 +211,10 @@ on post-fs-data 
    mkdir /data/local 0751 root root

    mkdir /data/local 0751 root root

    mkdir /data/misc/media 0700 media media

    mkdir /data/misc/media 0700 media media





    # Set security context of any pre-existing /data/misc/adb/adb_keys file.

    restorecon /data/misc/adb

    restorecon /data/misc/adb/adb_keys



    # For security reasons, /data/local/tmp should always be empty.

    # For security reasons, /data/local/tmp should always be empty.

    # Do not place files or directories in /data/local/tmp

    # Do not place files or directories in /data/local/tmp

    mkdir /data/local/tmp 0771 shell shell

    mkdir /data/local/tmp 0771 shell shell