diff options
author | Nick Kralevich <nnk@google.com> | 2016-03-29 15:37:20 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2016-03-29 15:37:20 -0700 |
commit | c81ebe522c66dd6e6ef4419ecc7737e2e1740d59 (patch) | |
tree | 4174530cbf7f483e0ebdcfca48beef00f2d5e63c /toolbox.te | |
parent | 6937aa93ac0a36f19cb13b81a282dedcad324be5 (diff) | |
download | sepolicy-c81ebe522c66dd6e6ef4419ecc7737e2e1740d59.tar.gz |
These files have been moved to system/sepolicy.
Bug: 27875478
Change-Id: I057784af0e9f6e43cd9a22ffce26fd63acccf98b
Diffstat (limited to 'toolbox.te')
-rw-r--r-- | toolbox.te | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/toolbox.te b/toolbox.te deleted file mode 100644 index 55de7eb..0000000 --- a/toolbox.te +++ /dev/null @@ -1,26 +0,0 @@ -# Any toolbox command run by init. -# At present, the only known usage is for running mkswap via fs_mgr. -# Do NOT use this domain for toolbox when run by any other domain. -type toolbox, domain, domain_deprecated; -type toolbox_exec, exec_type, file_type; - -init_daemon_domain(toolbox) - -# /dev/__null__ created by init prior to policy load, -# open fd inherited by fsck. -allow toolbox tmpfs:chr_file { read write ioctl }; - -# Inherit and use pty created by android_fork_execvp_ext(). -allow toolbox devpts:chr_file { read write getattr ioctl }; - -# mkswap-specific. -# Read/write block devices used for swap partitions. -# Assign swap_block_device type any such partition in your -# device/<vendor>/<product>/sepolicy/file_contexts file. -allow toolbox block_device:dir search; -allow toolbox swap_block_device:blk_file rw_file_perms; - -# Only allow entry from init via the toolbox binary. -neverallow { domain -init } toolbox:process transition; -neverallow * toolbox:process dyntransition; -neverallow toolbox { file_type fs_type -toolbox_exec}:file entrypoint; |