On Oct 18, 2016 9:34 AM, "Sava Mikalački" <[email protected]> wrote: > > I'm trying to extend aosp file_contexts by adding a new entry for /data/system/ifw. I've created a file_contexts under my vendor directory structure but if I try to use the new label, build crashes with unknown type. I'm
You need to declare the type with the type keyword: type system_data_ifw, file_type; trying to enable a platform_app to write to data/system/ifw and here is what I have so far: > file_contexts: > /data/system/ifw(/.*)? u:object_r:system_data_ifw:s0 > platform_app.te: > allow platform_app system_data_ifw:file create_file_perms; Platform applications shouldn't be creating stuff around the system, they should stick to their sandbox. I cant recall offhand, but a never allow I wrote might assert itself on that allow rule. > > I also tried adding: > /data/system/ifw(/.*)? u:object_r:system_data_ifw:s0 > to my device specific sepolicy but it still doesnt get picked up. > > Am I taking the right approach? You extend policy in your own specific location set by BOARD_SEPOlICY_DIRS = path/to/directory Then just add files to that directory. No need to ever touch system/sepolicy or on older versions of Android external/sepolicy. > > -- > I have only two questions: How much and give it to me. > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to [email protected].
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
