diff options
author | Nick Kralevich <nnk@google.com> | 2014-01-13 20:47:21 +0100 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-01-13 20:47:21 +0100 |
commit | fc729512375c4f0d351f6f67f0d7f500ea1b9233 (patch) | |
tree | 7658af5f834b79b53c4752b4d743ae4da03032d4 | |
parent | Merge "minui: do not use flexible array initialization" (diff) | |
parent | Set SELinux security contexts correctly for init and services. (diff) | |
download | android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar.gz android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar.bz2 android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar.lz android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar.xz android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.tar.zst android_bootable_recovery-fc729512375c4f0d351f6f67f0d7f500ea1b9233.zip |
-rw-r--r-- | etc/init.rc | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/etc/init.rc b/etc/init.rc index 175489066..5f9ce80a2 100644 --- a/etc/init.rc +++ b/etc/init.rc @@ -1,6 +1,13 @@ import /init.recovery.${ro.hardware}.rc on early-init + # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls. + write /sys/fs/selinux/checkreqprot 0 + + # Set the security context for the init process. + # This should occur before anything else (e.g. ueventd) is started. + setcon u:r:init:s0 + start ueventd start healthd @@ -43,15 +50,19 @@ on property:sys.powerctl=* service ueventd /sbin/ueventd critical + seclabel u:r:ueventd:s0 service healthd /sbin/healthd -n critical + seclabel u:r:healthd:s0 service recovery /sbin/recovery + seclabel u:r:recovery:s0 service adbd /sbin/adbd recovery disabled socket adbd stream 660 system system + seclabel u:r:adbd:s0 # Always start adbd on userdebug and eng builds on property:ro.debuggable=1 |