replicant-vendor_replicant/sepolicy/file_contexts
d34d 79eda9ebb8 sepolicy: Put theme service in its own context
Allow the theme manager and its data to be sandboxed in
its own context

Change-Id: I7898663d1c196bfe04fa4c539d20191a43fde284
2016-08-02 12:15:34 -07:00

58 lines
2.2 KiB
Plaintext

/cache/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
/cache/recovery(/.*)? u:object_r:recovery_cache_file:s0
# Auditd is a logging daemon. Put it into logd's context
/system/bin/auditd u:object_r:logd_exec:s0
/data/misc/audit(/.*)? u:object_r:auditd_log:s0
# Themes
/data/system/theme(/.*)? u:object_r:themeservice_app_data_file:s0
/system/bin/sysinit u:object_r:sysinit_exec:s0
/system/etc/init.d/90userinit u:object_r:userinit_exec:s0
/data/local/userinit.sh u:object_r:userinit_data_exec:s0
# For EXFAT/F2FS/NTFS partitions marked "formattable"
/system/bin/mkfs\.exfat u:object_r:mkfs_exec:s0
/system/bin/mkfs\.f2fs u:object_r:mkfs_exec:s0
/system/bin/mkfs\.ntfs u:object_r:mkfs_exec:s0
# For minivold in recovery
/sbin/minivold u:object_r:vold_exec:s0
#############################
# performance-related sysfs files (CM)
/sys/devices/system/cpu.*/cpufreq(/.*)? u:object_r:sysfs_devices_system_cpu:s0
/sys/block/mmcblk.*/queue/scheduler u:object_r:sysfs_devices_system_iosched:s0
/data/hostapd(/.*)? u:object_r:wifi_data_file:s0
#############
# Superuser's control sockets
/dev/socket/su-daemon(/.*)? u:object_r:superuser_device:s0
# Expansion of these hooks is a bit unconventional
/cache/com.cyanogenmod.keyhandler.dex u:object_r:dalvikcache_data_file:s0
# Lockscreen wallpaper
/data/system/users/[0-9]+/keyguard_wallpaper u:object_r:wallpaper_file:s0
# Persistent properties
/persist/properties(/.*)? u:object_r:persist_property_file:s0
# LiveDisplay
/sys/devices/virtual/graphics/fb0/aco u:object_r:livedisplay_sysfs:s0
/sys/devices/virtual/graphics/fb0/cabc u:object_r:livedisplay_sysfs:s0
/sys/devices/virtual/graphics/fb0/rgb u:object_r:livedisplay_sysfs:s0
/sys/devices/virtual/graphics/fb0/sre u:object_r:livedisplay_sysfs:s0
/sys/devices/virtual/graphics/fb0/color_enhance u:object_r:livedisplay_sysfs:s0
# fsck
/system/bin/fsck\.ntfs u:object_r:fsck_exec:s0
/system/bin/fsck\.exfat u:object_r:fsck_exec:s0
# bash
/system/xbin/bash u:object_r:shell_exec:s0