2014-11-26 21:26:14 +00:00
|
|
|
domain_trans(init, rootfs, vold)
|
|
|
|
|
2013-11-14 03:46:26 +00:00
|
|
|
# Allow vold to manage ASEC
|
|
|
|
allow vold sdcard_external:file create_file_perms;
|
2015-02-19 15:54:30 +00:00
|
|
|
allow vold vold_tmpfs:file create_file_perms;
|
2013-11-15 02:54:39 +00:00
|
|
|
|
2013-12-10 10:10:50 +00:00
|
|
|
# Allow vold to access fuse for fuse-based fs
|
|
|
|
allow vold fuse_device:chr_file rw_file_perms;
|
|
|
|
|
|
|
|
# NTFS-3g wants to drop permission
|
|
|
|
allow vold self:capability { setgid setuid };
|
2014-12-19 16:45:10 +00:00
|
|
|
|
|
|
|
# Vold can also run as minivold in the rootfs
|
|
|
|
recovery_only(`
|
|
|
|
allow vold rootfs:dir { add_name write };
|
2015-12-27 18:26:23 +00:00
|
|
|
allow vold rootfs:file execute_no_trans;
|
2016-08-02 21:21:35 +00:00
|
|
|
allow vold vold_tmpfs:file link;
|
2014-12-19 16:45:10 +00:00
|
|
|
')
|
2016-01-01 16:29:10 +00:00
|
|
|
|
|
|
|
# External storage
|
|
|
|
allow vold storage_stub_file:dir { rw_file_perms search add_name };
|
|
|
|
allow vold mnt_media_rw_stub_file:dir r_dir_perms;
|
|
|
|
allow vold mkfs_exec:file { execute read open execute_no_trans };
|