You can always add a signature stanza to the mac_permissions.xml file. Invoking the command "setool --build keys YourApp.apk" will give you the X.509 certificate needed for that stanza. You'll want to follow the example stanzas already in the mac_permissions.xml file as how to construct the rest of the signature stanza. Some things to note are, be sure to add an seinfo tag as that is what the seapp_contexts configuration file uses to label the app process and app package directory, and be sure to detail the maximal set of permissions that your app or group of apps will be allowed on installed. You'll then want to follow this with adding a new line to the seapp_contexts file that uses the seinfo tag you described with your signature stanza in the mac_permissions.xml file.
On Thu, Nov 28, 2013 at 8:50 AM, Severin Friede <[email protected]>wrote: > I need your help for my next issue. When browsing through the > "external/sepolicy" folder I found out that SEAndroid is able to recognize > apps by the signed key and assign them in the appropriate domain. Is it > possible to extend this behavior with my own signing key? I want to assign > my own apps (signed with my key) to a custom domain and provide different > permissions for them. >
