Skip to content
Snippets Groups Projects
Commit 79e084fc authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Allow access to /data/security/current symbolic link.


Change-Id: Ic500af7b9dac6a9b6401e99c3d162913e9989d9b
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent 9af6f1bd
Branches
Tags
No related merge requests found
......@@ -239,7 +239,7 @@ allow $1 kernel:security setbool;
define(`security_access_policy', `
allow $1 security_file:dir r_dir_perms;
allow $1 security_file:file r_file_perms;
allow $1 security_file:lnk_file read;
allow $1 security_file:lnk_file r_file_perms;
allow $1 selinuxfs:dir r_dir_perms;
allow $1 selinuxfs:file r_file_perms;
allow $1 rootfs:dir r_dir_perms;
......@@ -259,6 +259,7 @@ security_access_policy($1)
unix_socket_connect($1, property, init)
allow $1 security_file:dir create_dir_perms;
allow $1 security_file:file create_file_perms;
allow $1 security_file:lnk_file { create rename unlink };
allow $1 security_prop:property_service set;
')
......@@ -271,6 +272,7 @@ define(`mmac_manage_policy', `
unix_socket_connect($1, property, init)
allow $1 security_file:dir create_dir_perms;
allow $1 security_file:file create_file_perms;
allow $1 security_file:lnk_file { create rename unlink };
allow $1 security_prop:property_service set;
')
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment