init: Make restorecon_recursive work for /data/
In the following commit:
commit f2b7ee765516c84a9995e3acdc8fbcd7dc1b33cc
Author: Stephen Smalley <sds@tycho.nsa.gov>
Date: Thu Feb 6 13:52:52 2014 -0500
Apply restorecon_recursive to all of /data.
they removed all the adhoc restorecon_recursive of subdirectories
of /data/ and replaced it with:
# Set SELinux security contexts on upgrade or policy update.
restorecon_recursive /data
Unfortunately, that is a no-op because restorecon doesn't recurse
through /data/ unless you add a FORCE flag.
Since the expectation seems to be that the recursive restorecon
in init will actually work, update the built-in to add the force
flag and a flag to allow /data/data to also be recursed through.
[RC: Removed the DATADATA flag. It throws a ton of errors, and it's
supposed to be handled by seapp_contexts, not file_contexts. The actual
root paths, however, now get their individual restorecon calls so that
installd can deal with them]
Change-Id: I435c505188e924b27ef2e6a2e0ee0a6951e43f0e
2 files changed