restorecon_recursive /cache Make sure all files / directories within /cache are properly labeled, not just the directory itself. Addresses the following denial: type=1400 audit(0.0:26): avc: denied { getattr } for comm="Thread-85" path="/cache/lost+found" dev="mmcblk0p27" ino=11 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir Change-Id: I5937b30043efeb696ffaa77258b7294d20d1494e

commit: e1695914d55d9ced3645fc532191970c9450e9e9 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Wed Jul 09 12:39:21 2014 -0700
committer: Nick Kralevich <nnk@google.com> Wed Jul 09 12:40:13 2014 -0700
tree: 8b86ce62c6d24ab0f061b86446bf24c243f52d49
parent: 6e141aea189769a428a7da6c2206df6d0ed2c69d [diff]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index a983f29..e2bc5b3 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -189,13 +189,11 @@
     chown system cache /cache
     chmod 0770 /cache
     # We restorecon /cache in case the cache partition has been reset.
-    restorecon /cache
+    restorecon_recursive /cache
 
     # This may have been created by the recovery system with odd permissions
     chown system cache /cache/recovery
     chmod 0770 /cache/recovery
-    # This may have been created by the recovery system with the wrong context.
-    restorecon /cache/recovery
 
     #change permissions on vmallocinfo so we can grab it from bugreports
     chown root log /proc/vmallocinfo
commit	e1695914d55d9ced3645fc532191970c9450e9e9	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Wed Jul 09 12:39:21 2014 -0700
committer	Nick Kralevich <nnk@google.com>	Wed Jul 09 12:40:13 2014 -0700
tree	8b86ce62c6d24ab0f061b86446bf24c243f52d49
parent	6e141aea189769a428a7da6c2206df6d0ed2c69d [diff]