1. seandroid
  2. Untitled project
  3. external/sepolicy

Commits

Colin Cross  committed 92b9aa0

add file_contexts entries for root filesystem

It may be useful to generate an ext4 image of the root filesystem
instead of using a ramdisk. Whitelist entries in file_contexts to
support selinux labeling a root filesystem image.

Change-Id: I91a38d0aee4408c46cbfe5dc5e6eda198572e90f

  • Participants
  • Parent commits e884872
  • Branches master

Comments (0)

Files changed (1)

File file_contexts

View file
 ###########################################
 # Root
-#
-# Nothing required since it is initramfs and implicitly labeled
-# by genfscon rootfs in ocontexts.
-#
+/			u:object_r:rootfs:s0
+
+# Data files
+/adb_keys
+/default.prop		u:object_r:rootfs:s0
+/fstab\..*		u:object_r:rootfs:s0
+/init\..*		u:object_r:rootfs:s0
+/res(/.*)?		u:object_r:rootfs:s0
+/ueventd\..*		u:object_r:rootfs:s0
+
+# Executables
+/charger		u:object_r:rootfs:s0
+/init			u:object_r:rootfs:s0
+/sbin(/.*)?		u:object_r:rootfs:s0
+
+# Empty directories
+/lost\+found		u:object_r:rootfs:s0
+/proc			u:object_r:rootfs:s0
+/sys			u:object_r:rootfs:s0
+
+# SELinux policy files
+/file_contexts		u:object_r:rootfs:s0
+/property_contexts	u:object_r:rootfs:s0
+/seapp_contexts		u:object_r:rootfs:s0
+/sepolicy		u:object_r:rootfs:s0
+
 ##########################
 # Devices
 #