summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Smalley2012-05-01 14:02:53 -0500
committerrpcraig2012-08-09 08:59:10 -0500
commitae6f3d7c05070f7e0e56fe0056c8923c6ee2f473 (patch)
tree0fa2219d6539d7b9311b24ad60ab1601e15fba63 /rootdir/init.rc
parentd25b8502ea2c1294c0afab97bf7f14fbd2087efd (diff)
downloadplatform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.tar.gz
platform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.tar.xz
platform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.zip
Add support for reloading policy from /data/system.
To support runtime policy management, add support for reloading policy from /data/system. This can be triggered by setting the selinux.loadpolicy property to 1, whether from init.rc after mounting /data or from the system_server (e.g. upon invocation of a new device admin API for provisioning policy). ueventd and installd are restarted upon policy reloads to pick up the new policy configurations relevant to their operation. Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'rootdir/init.rc')
-rw-r--r--rootdir/init.rc4
1 files changed, 4 insertions, 0 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 054c2ca2b..6a0c3327f 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -355,6 +355,10 @@ service ueventd /sbin/ueventd
355 critical 355 critical
356 seclabel u:r:ueventd:s0 356 seclabel u:r:ueventd:s0
357 357
358on property:selinux.reload_policy=1
359 restart ueventd
360 restart installd
361
358service console /system/bin/sh 362service console /system/bin/sh
359 class core 363 class core
360 console 364 console