| Tom Marshall | 17834ae | 2014-11-26 13:26:14 -0800 | [diff] [blame] | 1 | domain_trans(init, rootfs, vold) |
| 2 | |
| Lars Greiss | 2564453 | 2013-11-19 09:26:39 +0100 | [diff] [blame] | 3 | # Allow vold to manage ASEC |
| 4 | allow vold sdcard_external:file create_file_perms; |
| Christopher R. Palmer | 2e1440e | 2015-02-19 10:54:30 -0500 | [diff] [blame] | 5 | allow vold vold_tmpfs:file create_file_perms; |
| Lars Greiss | 2564453 | 2013-11-19 09:26:39 +0100 | [diff] [blame] | 6 | |
| maxter | 03406a4 | 2014-01-11 22:08:21 -0200 | [diff] [blame] | 7 | # Allow vold to access fuse for fuse-based fs |
| 8 | allow vold fuse_device:chr_file rw_file_perms; |
| 9 | |
| 10 | # NTFS-3g wants to drop permission |
| 11 | allow vold self:capability { setgid setuid }; |
| Matt Mower | 0b2bdba | 2014-12-19 10:45:10 -0600 | [diff] [blame] | 12 | |
| 13 | # Vold can also run as minivold in the rootfs |
| 14 | recovery_only(` |
| 15 | allow vold rootfs:dir { add_name write }; |
| 16 | ') |