domain.te · f2c4e1283e91f7a91963d1d68a27f515027d97b4 · Werner Sembach / AndroidSystemSEPolicy

Something went wrong on our end

9 years ago

neverallow service_manager / service_manager_type · f2c4e128

Nick Kralevich authored 9 years ago

Init never uses / add service manager services. It doesn't make
sense to allow these rules to init. Adding a rule of this type
is typically caused by a process inappropriately running in init's
SELinux domain, and the warning message:

  Warning!  Service %s needs a SELinux domain defined; please fix!

is ignored.

In addition, add neverallow rules to domain.te which prevent
nonsense SELinux service_manager rules from being added.

Change-Id: Id04a50d1826fe451a9ed216aa7ab249d0393cc57

f2c4e128

History

neverallow service_manager / service_manager_type

Nick Kralevich authored 9 years ago

Init never uses / add service manager services. It doesn't make
sense to allow these rules to init. Adding a rule of this type
is typically caused by a process inappropriately running in init's
SELinux domain, and the warning message:

  Warning!  Service %s needs a SELinux domain defined; please fix!

is ignored.

In addition, add neverallow rules to domain.te which prevent
nonsense SELinux service_manager rules from being added.

Change-Id: Id04a50d1826fe451a9ed216aa7ab249d0393cc57