Add persistent property for SELinux enforcment status.

Also adds triggers for going between enforcing and permissive status. Bug: 8702843 Change-Id: I841d80999b96acf6b6fd0a5408fb074952d6ae72
author: repo sync <gcondra@google.com> 2013-04-24 11:18:29 -0700
committer: repo sync <gcondra@google.com> 2013-04-25 14:19:16 -0700
commit: b89bdfde422eff751b3f939f10ab57e22af83eaa (patch)
tree: aecc1341fc19309b5bcc9a3fc20c4dc81bf7c886
parent: 7ee2e26eb98da10eaddf5a8e864d508cceab946b (diff)
download: core-b89bdfde422eff751b3f939f10ab57e22af83eaa.tar.gz
2 files changed, 7 insertions, 0 deletions
diff --git a/init/property_service.c b/init/property_service.c
index 578000154..324839977 100755
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -91,6 +91,7 @@ struct {
     { "persist.service.", AID_SYSTEM,   0 },
     { "persist.security.", AID_SYSTEM,   0 },
     { "persist.service.bdroid.", AID_BLUETOOTH,   0 },
+    { "persist.selinux.enforcing", AID_SYSTEM,  0},
     { "selinux."         , AID_SYSTEM,   0 },
     { NULL, 0, 0 }
 };
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 89ec18a36..fc98f806c 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -409,6 +409,12 @@ on property:selinux.reload_policy=1
     restart ueventd
     restart installd
 
+on property:persist.selinux.enforcing=1
+    setenforce 1
+
+on property:persist.selinux.enforcing=0
+    setenforce 0
+
 service console /system/bin/sh
     class core
     console
author	repo sync <gcondra@google.com>	2013-04-24 11:18:29 -0700
committer	repo sync <gcondra@google.com>	2013-04-25 14:19:16 -0700
commit	b89bdfde422eff751b3f939f10ab57e22af83eaa (patch)
tree	aecc1341fc19309b5bcc9a3fc20c4dc81bf7c886
parent	7ee2e26eb98da10eaddf5a8e864d508cceab946b (diff)
download	core-b89bdfde422eff751b3f939f10ab57e22af83eaa.tar.gz