diff options
author | Stephen Smalley | 2012-05-01 14:02:53 -0500 |
---|---|---|
committer | rpcraig | 2012-08-09 08:59:10 -0500 |
commit | ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473 (patch) | |
tree | 0fa2219d6539d7b9311b24ad60ab1601e15fba63 /rootdir/init.rc | |
parent | d25b8502ea2c1294c0afab97bf7f14fbd2087efd (diff) | |
download | platform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.tar.gz platform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.tar.xz platform-system-core-ae6f3d7c05070f7e0e56fe0056c8923c6ee2f473.zip |
Add support for reloading policy from /data/system.
To support runtime policy management, add support for reloading
policy from /data/system. This can be triggered by setting the
selinux.loadpolicy property to 1, whether from init.rc after
mounting /data or from the system_server (e.g. upon invocation of
a new device admin API for provisioning policy). ueventd and
installd are restarted upon policy reloads to pick up the new
policy configurations relevant to their operation.
Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'rootdir/init.rc')
-rw-r--r-- | rootdir/init.rc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index 054c2ca2b..6a0c3327f 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc | |||
@@ -355,6 +355,10 @@ service ueventd /sbin/ueventd | |||
355 | critical | 355 | critical |
356 | seclabel u:r:ueventd:s0 | 356 | seclabel u:r:ueventd:s0 |
357 | 357 | ||
358 | on property:selinux.reload_policy=1 | ||
359 | restart ueventd | ||
360 | restart installd | ||
361 | |||
358 | service console /system/bin/sh | 362 | service console /system/bin/sh |
359 | class core | 363 | class core |
360 | console | 364 | console |