mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-12-25 10:57:39 +00:00
SEPolicy updates
This commit is contained in:
parent
fd7b5f393a
commit
6764a98409
@ -96,10 +96,9 @@ public class MagiskDatabaseHelper {
|
||||
Shell.Sync.su(Utils.fmt("mv -f %s %s; ln -s %s %s",
|
||||
oldDB, GLOBAL_DB, GLOBAL_DB, oldDB));
|
||||
}
|
||||
if (mm.magiskVersionCode < 1550) {
|
||||
if (mm.magiskVersionCode < Const.MAGISK_VER.SEPOL_REFACTOR) {
|
||||
// We need some additional policies on old versions
|
||||
Shell.Sync.su("magiskpolicy --live " +
|
||||
"'create su_file' 'allow * su_file file *' 'allow * su_file dir *'");
|
||||
Shell.Sync.su("db_sepatch");
|
||||
}
|
||||
if (!GLOBAL_DB.exists()) {
|
||||
Shell.Sync.su("db_init");
|
||||
|
@ -77,6 +77,7 @@ public class Const {
|
||||
public static final int DTBO_SUPPORT = 1446;
|
||||
public static final int LEGACY_GLOBAL_DB = 1450;
|
||||
public static final int HIDDEN_PATH = 1460;
|
||||
public static final int SEPOL_REFACTOR = 1640;
|
||||
}
|
||||
|
||||
public static class ID {
|
||||
|
@ -1,3 +1,9 @@
|
||||
db_sepatch() {
|
||||
magiskpolicy --live 'create magisk_file' 'attradd magisk_file mlstrustedobject' \
|
||||
'allow * magisk_file file *' 'allow * magisk_file dir *' \
|
||||
'allow magisk_file * filesystem associate'
|
||||
}
|
||||
|
||||
db_clean() {
|
||||
local USERID=$1
|
||||
local DIR="/sbin/.core/db-${USERID}"
|
||||
@ -8,7 +14,7 @@ db_clean() {
|
||||
|
||||
db_init() {
|
||||
ADB_CONTEXT=`/system/bin/ls -dZ /data/adb | awk '{print $1}'`
|
||||
chcon u:object_r:su_file:s0 /data/adb
|
||||
chcon u:object_r:magisk_file:s0 /data/adb
|
||||
chmod 777 /data/adb
|
||||
}
|
||||
|
||||
@ -25,7 +31,7 @@ db_setup() {
|
||||
touch $DIR/magisk.db
|
||||
mount -o bind /data/adb/magisk.db $DIR/magisk.db
|
||||
rm -f /data/adb/magisk.db-journal
|
||||
chcon u:object_r:su_file:s0 $DIR $DIR/*
|
||||
chcon u:object_r:magisk_file:s0 $DIR $DIR/*
|
||||
chmod 700 $DIR
|
||||
chown $USER.$USER $DIR
|
||||
chmod 666 $DIR/*
|
||||
|
Loading…
x
Reference in New Issue
Block a user