Off the top of my head git blame the init.rc on master for restorecon_recursive /data and there's a patch in libselinux to support storing the hash of fc when a restore on happens to prevent label walks when no change was made. Offhand from my cellphone I don't have the change ids handy. On Apr 3, 2015 6:14 PM, "Tai Nguyen (tainguye)" <[email protected]> wrote:
> Thanks. That would explain what we see. > Which version support /data relabeling? And, how do we find the patch for > the /data relabeling. > > Thanks, > Tai > > From: William Roberts <[email protected]> > Date: Friday, April 3, 2015 at 5:49 PM > To: Tai Nguyen <[email protected]> > Cc: "[email protected]" <[email protected]> > Subject: Re: Question on seapp_context > > IIRC 4.4 doesn't support /data relabeling > On Apr 3, 2015 5:05 PM, "Tai Nguyen (tainguye)" <[email protected]> > wrote: > >> Do we have any restriction on using app_data_file domain for system_app? >> >> We made the following change, but the data directory still show >> system_app_data_file. >> >> - File mac_permissions.xml >> >> <signer signature="@PLATFORM" > >> <!-- CFG app --> >> <package name="cip.cfg"> >> <seinfo value="cfg_app" /> >> </package> >> >> - File seapp_contexts >> user=system seinfo=cfg_app name=cip.cfg domain=system_app >> type=app_data_file >> >> This is for KitKat 4.4 code base. The app needs to be system_app for >> other interaction but its data does not need to be protected. >> >> Thanks, >> Tai >> >> _______________________________________________ >> Seandroid-list mailing list >> [email protected] >> To unsubscribe, send email to [email protected]. >> To get help, send an email containing "help" to >> [email protected]. >> >
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
