restorecon the profile directory.
This is required so that it will be assigned the correct SELinux security context on first creation by installd. Bug: 13927667 Change-Id: I4857d031f9e7e60d48b8c72fcb22a81b3a2ebaaa Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
parent
27f8840f22
commit
a240733137
@ -1022,7 +1022,13 @@ int create_profile_file(const char *pkgname, gid_t gid) {
|
|||||||
// Make the profile directory write-only for group and other. Owner can rwx it.
|
// Make the profile directory write-only for group and other. Owner can rwx it.
|
||||||
if (chmod(profile_dir, 0711) < 0) {
|
if (chmod(profile_dir, 0711) < 0) {
|
||||||
ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno));
|
ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno));
|
||||||
unlink(profile_dir);
|
rmdir(profile_dir);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (selinux_android_restorecon(profile_dir, 0) < 0) {
|
||||||
|
ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno));
|
||||||
|
rmdir(profile_dir);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user