From ca2061460cb1570fb7f5cb3a3c977d41681daa3b Mon Sep 17 00:00:00 2001 From: Pat Erley Date: Mon, 9 May 2016 14:36:29 -0700 Subject: [PATCH] sepolicy: Allow uncrypt additional access Uncrypt may need access to additional selinux contexts for devices with created storage solutions. Change-Id: Ie90f130ff6bafdd195379f7d57504b2fce4ef830 --- sepolicy/uncrypt.te | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sepolicy/uncrypt.te b/sepolicy/uncrypt.te index 978f9e1b..2697595e 100644 --- a/sepolicy/uncrypt.te +++ b/sepolicy/uncrypt.te @@ -2,3 +2,8 @@ r_dir_file(uncrypt, media_rw_data_file) allow uncrypt recovery_cache_file:dir create_dir_perms; allow uncrypt recovery_cache_file:file create_file_perms; allow uncrypt recovery_cache_file:fifo_file rw_file_perms; + +allow uncrypt storage_file:dir r_dir_perms; +allow uncrypt storage_stub_file:dir r_dir_perms; +allow uncrypt fuse:dir r_dir_perms; +allow uncrypt fuse:file r_file_perms;