b1f434c446
Move vendor policy to vendor and add a place for system extensions. Also add such an extension: a labeling of the qti.ims.ext service. Bug: 38151691 Bug: 62041272 Test: Policy binary identical before and after, except plat_service_contexts has new service added. Change-Id: Ie4e8527649787dcf2391b326daa80cf1c9bd9d2f Change-Id: I1493c4c8876c4446a1de46b39942098bf49c79f8
14 lines
No EOL
589 B
Text
14 lines
No EOL
589 B
Text
type init_fingerprint, domain;
|
|
type init_fingerprint_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
# Allow for transition from init domain to init_fingerprint
|
|
init_daemon_domain(init_fingerprint)
|
|
|
|
# Shell script needs to execute /vendor/bin/sh
|
|
allow init_fingerprint vendor_shell_exec:file rx_file_perms;
|
|
allow init_fingerprint vendor_toolbox_exec:file rx_file_perms;
|
|
|
|
# Allow to delete file
|
|
allow init_fingerprint persist_file:dir search;
|
|
allow init_fingerprint persist_drm_file:dir { read search open write remove_name };
|
|
allow init_fingerprint persist_drm_file:file { getattr unlink }; |