Skip to content
Snippets Groups Projects
Commit b55ebfb0 authored by Stephen Smalley's avatar Stephen Smalley Committed by Nick Kralevich
Browse files

DO NOT MERGE: Ensure that /data/misc/wifi/sockets is always labeled wpa_socket. 


It appears that wpa_supplicant tries to rmdir /data/misc/wifi/sockets
and re-create it at times, so make sure that it remains labeled correctly
when re-created in this manner via a name-based type transition rule.
Do the same for hostapd as it also has permissions for creating/removing
this directory.

<5>[83921.800071] type=1400 audit(1392997522.105:26): avc:  denied  { rmdir } for  pid=3055 comm="wpa_supplicant" name="sockets" dev="mmcblk0p28" ino=618957 scontext=u:r:wpa:s0 tcontext=u:object_r:wpa_socket:s0 tclass=dir

We no longer need the type_transition for sock_file as it will inherit
the type from the parent directory which is set via restorecon_recursive
/data/misc/wifi/sockets or via type_transition, so drop it.

Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>

(cherry picked from commit 7ade68d7)

Change-Id: Ie3e2f4c14ce29a63634aa4049ab47f2624e93310
parent 5086de28
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment