restorecon the profile directory.
This is required so that it will be assigned the correct SELinux security context on first creation by installd. Bug: 13927667 Change-Id: I4857d031f9e7e60d48b8c72fcb22a81b3a2ebaaa Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
parent
27f8840f22
commit
a240733137
@ -1022,7 +1022,13 @@ int create_profile_file(const char *pkgname, gid_t gid) {
|
||||
// Make the profile directory write-only for group and other. Owner can rwx it.
|
||||
if (chmod(profile_dir, 0711) < 0) {
|
||||
ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno));
|
||||
unlink(profile_dir);
|
||||
rmdir(profile_dir);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (selinux_android_restorecon(profile_dir, 0) < 0) {
|
||||
ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno));
|
||||
rmdir(profile_dir);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user