From 92ade7480f8e0500beba9fe8e59a391081f63344 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Sat, 17 Dec 2016 09:18:18 -0800
Subject: [PATCH] init.te: fixup stale comment

init switch from a setcon() based transition to an exec() based
transition in bug 19702273. Fixup stale comment.

Test: comment only change. Policy compiles.
Bug: 19702273
Change-Id: I6e1b4b3680193453adafa8952a7ea343d2977505
---
 public/init.te | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/public/init.te b/public/init.te
index 2e2e16cfc..bfbf6d163 100644
--- a/public/init.te
+++ b/public/init.te
@@ -347,10 +347,10 @@ allow init system_data_file:lnk_file r_file_perms;
 ### neverallow rules
 ###
 
-# The init domain is only entered via setcon from the kernel domain,
-# never via an exec-based transition.
+# The init domain is only entered via an exec based transition from the
+# kernel domain, never via setcon().
 neverallow domain init:process dyntransition;
-neverallow { domain -kernel} init:process transition;
+neverallow { domain -kernel } init:process transition;
 neverallow init { file_type fs_type -init_exec }:file entrypoint;
 
 # Never read/follow symlinks created by shell or untrusted apps.
-- 
GitLab