Merge "Allow weaved to set 'weave.status' system property"

author: Alex Vakulenko <avakulenko@google.com> 2015-11-20 18:45:29 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2015-11-20 18:45:29 +0000
commit: 8a575fdec2f30d6bc41b9a69217c83a27f51718b (patch)
tree: a310b1c0735f7dae8f450c1a8a451a5a6903fba9
parent: e36b05be69c4d09f5c6bce8aebc5edaec046e2b4 (diff)
parent: 3adf05d8f1a2ee2c122cca3ef62c8e691be64051 (diff)
download: brillo-8a575fdec2f30d6bc41b9a69217c83a27f51718b.tar.gz
2 files changed, 5 insertions, 0 deletions
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index b63e87f..4acea78 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -1,3 +1,4 @@
 firewall               u:object_r:brillo_setup_prop:s0
 crash_reporter         u:object_r:crash_reporter_prop:s0
 wifi-setup             u:object_r:wifi_setup_prop:s0
+weave                  u:object_r:weave_prop:s0
diff --git a/sepolicy/weave.te b/sepolicy/weave.te
index 2cf15b1..d4cbe9f 100644
--- a/sepolicy/weave.te
+++ b/sepolicy/weave.te
@@ -2,6 +2,7 @@
 type weaved, domain;
 type weaved_exec, exec_type, file_type;
 type weaved_data_file, file_type, data_file_type;
+type weave_prop, property_type;
 
 brillo_domain(weaved)
 net_domain(weaved)
@@ -9,6 +10,9 @@ net_domain(weaved)
 # Allow crash_reporter access to core dump files.
 allow_crash_reporter(weaved)
 
+# Allow setting weave properties.
+set_prop(weaved, weave_prop)
+
 allow weaved weaved_data_file:dir w_dir_perms;
 allow weaved weaved_data_file:file create_file_perms;
 allow weaved webservd:fd use;
author	Alex Vakulenko <avakulenko@google.com>	2015-11-20 18:45:29 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2015-11-20 18:45:29 +0000
commit	8a575fdec2f30d6bc41b9a69217c83a27f51718b (patch)
tree	a310b1c0735f7dae8f450c1a8a451a5a6903fba9
parent	e36b05be69c4d09f5c6bce8aebc5edaec046e2b4 (diff)
parent	3adf05d8f1a2ee2c122cca3ef62c8e691be64051 (diff)
download	brillo-8a575fdec2f30d6bc41b9a69217c83a27f51718b.tar.gz