Trigger a policy reload from post-fs-data. Once userdata is available and decrypted, trigger a policy reload to pick up any policy update files stored under /data/security. Change-Id: Ic2b3121c3395429b108c40d1d7f5a3124a5896c5 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

commit: 6552f6885fc2a94501ca064bffc4c18ad40caad8 [log] [tgz]
author: Stephen Smalley <sds@tycho.nsa.gov> Mon Aug 26 10:45:05 2013 -0400
committer: Stephen Smalley <sds@tycho.nsa.gov> Mon Aug 26 10:45:05 2013 -0400
tree: ec67b2bb3cca3fbbccaf132f3d0ec9a44b846e16
parent: a8ba1f2f0b67063978819cc7d04276060450f364 [diff] [blame]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 5e3c991..50c695b 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -245,6 +245,9 @@
     # Separate location for storing security policy files on data
     mkdir /data/security 0711 system system
 
+    # Reload policy from /data/security if present.
+    setprop selinux.reload_policy 1
+
     # If there is no fs-post-data action in the init.<device>.rc file, you
     # must uncomment this line, otherwise encrypted filesystems
     # won't work.
commit	6552f6885fc2a94501ca064bffc4c18ad40caad8	[log] [tgz]
author	Stephen Smalley <sds@tycho.nsa.gov>	Mon Aug 26 10:45:05 2013 -0400
committer	Stephen Smalley <sds@tycho.nsa.gov>	Mon Aug 26 10:45:05 2013 -0400
tree	ec67b2bb3cca3fbbccaf132f3d0ec9a44b846e16
parent	a8ba1f2f0b67063978819cc7d04276060450f364 [diff] [blame]