ADHOC
/
replicant-frameworks_native
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

restorecon the profile directory. 

This is required so that it will be assigned the correct SELinux
security context on first creation by installd.

Bug: 13927667
Change-Id: I4857d031f9e7e60d48b8c72fcb22a81b3a2ebaaa
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
Stephen Smalley 2014-04-09 14:23:43 -04:00 committed by Nick Kralevich
parent 27f8840f22
commit a240733137
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmds/installd/utils.c
View File

@ -1022,7 +1022,13 @@ int create_profile_file(const char *pkgname, gid_t gid) {
// Make the profile directory write-only for group and other. Owner can rwx it.
if (chmod(profile_dir, 0711) < 0) {
ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno));
unlink(profile_dir);
rmdir(profile_dir);
return -1;
}
if (selinux_android_restorecon(profile_dir, 0) < 0) {
ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno));
rmdir(profile_dir);
return -1;
}
}