On 09/26/2014 05:00 AM, harish kavali wrote:
> Dear all,
>
>
> Need help for the following issue , i am trying to run a app whose
> *SharedUSerID is android.uid.system *& signed with platform certificate in
> custom domain but in seapp_contexts file
> already a entry is there like
>
> user=system domain=system type=system_data_file
>
> i want to run the my app which is platform signed & having system as shared
> user id in a custom domain ,
> can i do this without affecting other apps
Yes, you can nest a package stanza within the platform stanza to assign
a specific seinfo value to the app. Looks like:
mac_permissions.xml:
<signer signature="@PLATFORM" >
<seinfo value="platform" />
<package name="name-of-package">
<seinfo value="foo">
</package>
</signer>
seapp_contexts:
user=system seinfo=foo domain=foo type=foo_data_file
However, I don't believe we currently provide a way to do that without
modifying external/sepolicy/mac_permissions.xml; the current logic for
combining it with device/*/*/sepolicy/mac_permissions.xml won't merge
multiple signer stanzas with the same signature and the SELinuxMMAC code
will end up just using one of them.
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
