Skip to content

Commit

Permalink
Add more sepolicy
Browse files Browse the repository at this point in the history
  • Loading branch information
@Dr-TSNG
Dr-TSNG committed Mar 3, 2023
1 parent 49e3ac9 commit 843086f
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
6 changes: 5 additions & 1 deletion module/src/customize.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,10 @@ extract "$ZIPFILE" 'sepolicy.rule' "$TMPDIR"

if [ "$KSU" ]; then
ui_print "- Checking SELinux patches"
if [ "$(getprop ro.product.first_api_level)" -lt 31 ]; then
echo "allow zygote appdomain_tmpfs file *" >> "$TMPDIR/sepolicy.rule"
echo "allow zygote appdomain_tmpfs dir *" >> "$TMPDIR/sepolicy.rule"
fi
if ! check_sepolicy "$TMPDIR/sepolicy.rule"; then
ui_print "*********************************************************"
ui_print "! Unable to apply SELinux patches!"
Expand All @@ -93,8 +97,8 @@ fi
ui_print "- Extracting module files"
extract "$ZIPFILE" 'module.prop' "$MODPATH"
extract "$ZIPFILE" 'post-fs-data.sh' "$MODPATH"
extract "$ZIPFILE" 'sepolicy.rule' "$MODPATH"
extract "$ZIPFILE" 'service.sh' "$MODPATH"
mv "$TMPDIR/sepolicy.rule" "$MODPATH"

HAS32BIT=false && [ -d "/system/lib" ] && HAS32BIT=true
HAS64BIT=false && [ -d "/system/lib64" ] && HAS64BIT=true
Expand Down
1 change: 1 addition & 0 deletions module/src/sepolicy.rule
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ allow * magisk_file lnk_file *
allow * magisk_file sock_file *

allow system_server system_server process execmem
allow zygote adb_data_file dir search
allow zygote mnt_vendor_file dir search
allow zygote system_file dir mounton
allow zygote labeledfs filesystem mount

0 comments on commit 843086f

Please sign in to comment.