selinux: add init.bullhead.power.sh to system group

Flip init-power-sh domain into enforcing Addresses: avc: denied { dac_override } for pid=390 comm="init.bullhead.p" capability=1 scontext=u:r:init-power-sh:s0 tcontext=u:r:init-power-sh:s0 tclass=capability permissive=1 Bug: 21591724 Change-Id: I8aa811606a7a7d669fa0c7122019803f8996cfb3
author: Jeff Vander Stoep <jeffv@google.com> 2015-07-30 14:32:43 -0700
committer: Jeff Vander Stoep <jeffv@google.com> 2015-07-30 15:07:39 -0700
commit: a191ccc9116350a4e321644fb2413c7b54ef1929 (patch)
tree: a05527e57cf0c7cc65a0ac920f307dedbbd24fda /sepolicy
parent: fbea2eb5dae5d721f22189ef4def4c53f91b6f14 (diff)
download: bullhead-a191ccc9116350a4e321644fb2413c7b54ef1929.tar.gz
1 files changed, 0 insertions, 2 deletions
diff --git a/sepolicy/init-power-sh.te b/sepolicy/init-power-sh.te
index bbeedac..942d2d5 100644
--- a/sepolicy/init-power-sh.te
+++ b/sepolicy/init-power-sh.te
@@ -1,8 +1,6 @@
 type init-power-sh, domain;
 type init-power-sh_exec, exec_type, file_type;
 
-permissive init-power-sh;
-
 init_daemon_domain(init-power-sh)
 
 allow init-power-sh proc_kernel_sched:file w_file_perms;
author	Jeff Vander Stoep <jeffv@google.com>	2015-07-30 14:32:43 -0700
committer	Jeff Vander Stoep <jeffv@google.com>	2015-07-30 15:07:39 -0700
commit	a191ccc9116350a4e321644fb2413c7b54ef1929 (patch)
tree	a05527e57cf0c7cc65a0ac920f307dedbbd24fda /sepolicy
parent	fbea2eb5dae5d721f22189ef4def4c53f91b6f14 (diff)
download	bullhead-a191ccc9116350a4e321644fb2413c7b54ef1929.tar.gz