Blame - recovery.te - fp2-dev/platform/external/sepolicy

blob: 37d645593caff66aeff9fec738049e8f9d1fe7d9 [file] [log] [blame]

Stephen Smalley	6d10ca8	2014-01-13 09:45:45 -0500	[diff] [blame]	1	# recovery console (used in recovery init.rc for /sbin/recovery)
				2	type recovery, domain;
				3	allow recovery rootfs:file entrypoint;
				4	unconfined_domain(recovery)
				5	relabelto_domain(recovery)
				6
Stephen Smalley	04ee5df	2014-01-30 13:23:08 -0500	[diff] [blame]	7	allow recovery self:capability2 mac_admin;
				8
Stephen Smalley	6d10ca8	2014-01-13 09:45:45 -0500	[diff] [blame]	9	allow recovery {fs_type dev_type -kmem_device file_type}:dir_file_class_set relabelto;
				10	allow recovery unlabeled:filesystem mount;
Stephen Smalley	b081cc1	2014-02-10 13:29:38 -0500	[diff] [blame^]	11	allow recovery fs_type:filesystem *;
Stephen Smalley	6d10ca8	2014-01-13 09:45:45 -0500	[diff] [blame]	12
				13	allow recovery self:process execmem;
Stephen Smalley	9fe4e7b	2014-01-13 15:32:11 -0500	[diff] [blame]	14	allow recovery ashmem_device:chr_file execute;
Stephen Smalley	9a40702	2014-01-13 14:03:47 -0500	[diff] [blame]	15	allow recovery tmpfs:file rx_file_perms;