Can't you set name in seapp_contexts to the package name of the custom app, then set seinfo to platform? On Sep 26, 2014 5:50 AM, "Stephen Smalley" <[email protected]> wrote:
> On 09/26/2014 05:00 AM, harish kavali wrote: > > Dear all, > > > > > > Need help for the following issue , i am trying to run a app whose > > *SharedUSerID is android.uid.system *& signed with platform certificate > in > > custom domain but in seapp_contexts file > > already a entry is there like > > > > user=system domain=system type=system_data_file > > > > i want to run the my app which is platform signed & having system as > shared > > user id in a custom domain , > > can i do this without affecting other apps > > Yes, you can nest a package stanza within the platform stanza to assign > a specific seinfo value to the app. Looks like: > > mac_permissions.xml: > <signer signature="@PLATFORM" > > <seinfo value="platform" /> > <package name="name-of-package"> > <seinfo value="foo"> > </package> > </signer> > > seapp_contexts: > user=system seinfo=foo domain=foo type=foo_data_file > > However, I don't believe we currently provide a way to do that without > modifying external/sepolicy/mac_permissions.xml; the current logic for > combining it with device/*/*/sepolicy/mac_permissions.xml won't merge > multiple signer stanzas with the same signature and the SELinuxMMAC code > will end up just using one of them. > > > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to > [email protected]. >
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
