android
/
device_phh_treble
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

More rights

This commit is contained in:
Pierre-Hugues Husson 2019-08-09 23:39:36 +02:00
parent c323b7e9b9
commit c7d378a359
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sepolicy/su.te
View File

@ -52,7 +52,7 @@ allow phhsu_daemon self:lnk_file { r_file_perms execmod };
allow phhsu_daemon adbd_exec:file { getattr read };
allow phhsu_daemon { rootfs same_process_hal_file system_file tmpfs }:file { mounton getattr };
allow phhsu_daemon self:capability { sys_admin chown setuid setgid net_raw dac_override dac_read_search kill };
allow phhsu_daemon self:capability { sys_admin chown setuid setgid net_raw dac_override dac_read_search kill fowner };
allow phhsu_daemon self:capability2 { syslog };
allow phhsu_daemon shell_exec:file rx_file_perms;
allow phhsu_daemon system_file:file { rx_file_perms entrypoint };
@ -89,8 +89,9 @@ allow phhsu_daemon dex2oat_exec:file rx_file_perms;
allow phhsu_daemon phhsu_daemon_tmpfs:file rwx_file_perms;
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:file { rwx_file_perms create mounton};
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:dir { rw_dir_perms mounton };
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:file { rwx_file_perms create mounton setattr getattr relabelto relabelfrom };
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:lnk_file { rw_file_perms create mounton setattr getattr relabelto relabelfrom };
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:dir { rw_dir_perms create mounton setattr getattr relabelto relabelfrom };
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:chr_file rwx_file_perms;
allow phhsu_daemon { proc_type dev_type exec_type file_type sysfs_type fs_type }:blk_file rw_file_perms;
@ -126,4 +127,4 @@ allow phhsu_daemon phhsu_daemon:file relabelfrom;
allow phhsu_daemon properties_device:dir { map };
allow phhsu_daemon { tmpfs }:dir { mounton };
allow phhsu_daemon system_file:file { relabelto };
allow phhsu_daemon { file_type shell_data_file system_file}:file { relabelto relabelfrom} ;