Gitiles
Code Review Sign In
review.blissroms.org / platform_vendor_bliss / 14e765cd711b2b6473f0c553a6f374818fe46293 / . / sepolicy / vold.te
blob: efca286b8aa5919e3cf00dfba2686414456cb909 [file] [log] [blame]
Tom Marshall39a42442014-11-26 13:26:14 -0800[diff] [blame]1domain_trans(init, rootfs, vold)
2
Pawit Pornkitprasanef907712013-11-14 10:46:26 +0700[diff] [blame]3# Allow vold to manage ASEC
4allow vold sdcard_external:file create_file_perms;
Christopher R. Palmerda48ab82015-02-19 10:54:30 -0500[diff] [blame]5allow vold vold_tmpfs:file create_file_perms;
Pawit Pornkitprasan9a19f572013-11-15 09:54:39 +0700[diff] [blame]6
Pawit Pornkitprasan54c91b82013-12-10 17:10:50 +0700[diff] [blame]7# Allow vold to access fuse for fuse-based fs
8allow vold fuse_device:chr_file rw_file_perms;
9
10# NTFS-3g wants to drop permission
11allow vold self:capability { setgid setuid };
Matt Mower2806bc42014-12-19 10:45:10 -0600[diff] [blame]12
13# Vold can also run as minivold in the rootfs
14recovery_only(`
15 allow vold rootfs:dir { add_name write };
16')
codeworkx14e765c2016-01-01 17:29:10 +0100[diff] [blame^]17
18# External storage
19allow vold storage_stub_file:dir { rw_file_perms search add_name };
20allow vold mnt_media_rw_stub_file:dir r_dir_perms;
21allow vold mkfs_exec:file { execute read open execute_no_trans };