From b4adc62a572f983f4c538d0b9a75843574f9ec21 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 17 Jun 2014 08:49:17 -0700
Subject: [PATCH] Force logwrapper to system_file

Some device-specific policies are improperly creating a security
domain for logwrapper, rather than removing the logwrapper
lines from init.device.rc. Don't allow that. Explicitly add an entry
for /system/bin/logwrapper to force it to a system_file. Attempting
to override this will result in the following compile time error:

  obj/ETC/file_contexts_intermediates/file_contexts: Multiple different
  specifications for /system/bin/logwrapper
  (u:object_r:logwrapper_exec:s0 and u:object_r:system_file:s0).

Bug: 15616899
Change-Id: Ia55394247a9fa16e00434d61091fff9d9d4ff125
---
 file_contexts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/file_contexts b/file_contexts
index 82b8c1c1b..dd09c1f6f 100644
--- a/file_contexts
+++ b/file_contexts
@@ -157,6 +157,7 @@
 /system/bin/inputflinger u:object_r:inputflinger_exec:s0
 /system/bin/logd        u:object_r:logd_exec:s0
 /system/bin/uncrypt     u:object_r:uncrypt_exec:s0
+/system/bin/logwrapper  u:object_r:system_file:s0
 #############################
 # Vendor files
 #
-- 
GitLab