github/Magisk
1
Fork 0
mirror of https://github.com/topjohnwu/Magisk synced 2024-11-14 22:28:37 +01:00
Code Releases Activity
44 Commits 1 Branch 138 Tags 104 MiB
C++ 36.9%
Kotlin 30.1%
Rust 16.5%
Java 9%
Shell 4.8%
Other 2.6%
f140f5f14b
Go to file
topjohnwu f140f5f14b Add rules
2016-09-17 16:53:51 +08:00
builtin_rules.c Add rules 2016-09-17 16:53:51 +08:00
README.txt Update README 2015-11-14 17:02:09 +01:00
sepolicy-inject.c Add built-in rules 2016-09-13 06:34:20 +08:00

README.txt 

Injects allow rules into binary SELinux kernel policies

Injecting a rule:
$ ./sepolicy-inject -s shell -t system -c file -p read -P sepolicy

Injecting multiple permissions:
$ ./sepolicy-inject -s shell -t system -c file -p read,write,open -P sepolicy

Add a type_attribute to a domain:
$ ./sepolicy-inject -s su -a mlstrustedsubject -P sepolicy

Injecting a permissive domain:
$ ./sepolicy-inject -Z shell -P sepolicy

Change a permissive domain to non-permissive:
$ ./sepolicy-inject -z shell -P sepolicy 

Test a SELinux type exists:
$ ./sepolicy-inject -e -s shell -P sepolicy 

Test a SELinux class exists:
$ ./sepolicy-inject -e -c service_manager -P sepolicy 

Add a transition:
$ ./sepolicy-inject -s su_daemon -f device -c file -t su_device -P sepolicy

Add a filename transition:
$ ./sepolicy-inject -s su_daemon -f device -c file -g "socket" -t su_device -P sepolicy