Yes sorry, that code is in installd IIRC. Triggered from package manager. On Apr 3, 2015 7:14 PM, "Tai Nguyen (tainguye)" <[email protected]> wrote:
> Thanks Bill. We do have restore_recursive in our code. That’s one of the > reason I thought we have the app data relabelled correctly as well. > However, I expect the code that label app directories will be in either > package manager or installd, right? > > Thanks, > Tai > > From: William Roberts <[email protected]> > Date: Friday, April 3, 2015 at 6:24 PM > To: Tai Nguyen <[email protected]> > Cc: "[email protected]" <[email protected]> > Subject: Re: Question on seapp_context > > Off the top of my head git blame the init.rc on master for > restorecon_recursive /data and there's a patch in libselinux to support > storing the hash of fc when a restore on happens to prevent label walks > when no change was made. Offhand from my cellphone I don't have the change > ids handy. > On Apr 3, 2015 6:14 PM, "Tai Nguyen (tainguye)" <[email protected]> > wrote: > >> Thanks. That would explain what we see. >> Which version support /data relabeling? And, how do we find the patch for >> the /data relabeling. >> >> Thanks, >> Tai >> >> From: William Roberts <[email protected]> >> Date: Friday, April 3, 2015 at 5:49 PM >> To: Tai Nguyen <[email protected]> >> Cc: "[email protected]" <[email protected]> >> Subject: Re: Question on seapp_context >> >> IIRC 4.4 doesn't support /data relabeling >> On Apr 3, 2015 5:05 PM, "Tai Nguyen (tainguye)" <[email protected]> >> wrote: >> >>> Do we have any restriction on using app_data_file domain for >>> system_app? >>> >>> We made the following change, but the data directory still show >>> system_app_data_file. >>> >>> - File mac_permissions.xml >>> >>> <signer signature="@PLATFORM" > >>> <!-- CFG app --> >>> <package name="cip.cfg"> >>> <seinfo value="cfg_app" /> >>> </package> >>> >>> - File seapp_contexts >>> user=system seinfo=cfg_app name=cip.cfg domain=system_app >>> type=app_data_file >>> >>> This is for KitKat 4.4 code base. The app needs to be system_app for >>> other interaction but its data does not need to be protected. >>> >>> Thanks, >>> Tai >>> >>> _______________________________________________ >>> Seandroid-list mailing list >>> [email protected] >>> To unsubscribe, send email to [email protected]. >>> To get help, send an email containing "help" to >>> [email protected]. >>> >>
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
