-
- Downloads
DO NOT MERGE: Ensure that /data/misc/wifi/sockets is always labeled wpa_socket.
It appears that wpa_supplicant tries to rmdir /data/misc/wifi/sockets and re-create it at times, so make sure that it remains labeled correctly when re-created in this manner via a name-based type transition rule. Do the same for hostapd as it also has permissions for creating/removing this directory. <5>[83921.800071] type=1400 audit(1392997522.105:26): avc: denied { rmdir } for pid=3055 comm="wpa_supplicant" name="sockets" dev="mmcblk0p28" ino=618957 scontext=u:r:wpa:s0 tcontext=u:object_r:wpa_socket:s0 tclass=dir We no longer need the type_transition for sock_file as it will inherit the type from the parent directory which is set via restorecon_recursive /data/misc/wifi/sockets or via type_transition, so drop it. Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov> (cherry picked from commit 7ade68d7) Change-Id: Ie3e2f4c14ce29a63634aa4049ab47f2624e93310
Please register or sign in to comment