Piteball/android_device_samsung_msm8976-common
1
0
Fork 0
mirror of https://github.com/team-infusion-developers/android_device_samsung_msm8976-common.git synced 2024-11-07 06:19:20 +00:00
Code Issues Projects Releases Packages Wiki Activity

msm8976-common: sepolicy: Sync timekeep rules with SODP

Browse source
This commit is contained in:
LuK1337 2018-01-10 22:17:01 +01:00
parent ee0365443e
commit 2ff56657dd
2 changed files with 3 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sepolicy/system_app.te
View file

@ -1,6 +1,6 @@
allow system_app sysfs_mdnie:file rw_file_perms;
# TimeKeep Java service
allow system_app time_data_file:dir search;
allow system_app time_data_file:file rw_file_perms;
set_prop(system_app, timekeep_prop)

10
sepolicy/timekeep.te
View file

@ -1,16 +1,10 @@
type timekeep, domain;
type timekeep_exec, exec_type, vendor_file_type, file_type;
# Started by init
init_daemon_domain(timekeep)
allow timekeep self:capability {
fowner
fsetid
sys_time
dac_override
dac_read_search
};
# Grant permission to set system time and to set the real-time lock
allow timekeep self:capability { fowner sys_time };
allow timekeep time_data_file:file create_file_perms;
allow timekeep time_data_file:dir create_dir_perms;