mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-11 08:54:28 -05:00
48 lines
1.5 KiB
Diff
48 lines
1.5 KiB
Diff
|
From 28fec2a2867a8a0fea386038bc366e630ac1ed4e Mon Sep 17 00:00:00 2001
|
||
|
From: Martin Brabham <optedoblivion@cyngn.com>
|
||
|
Date: Thu, 7 May 2015 11:22:13 -0700
|
||
|
Subject: [PATCH] DNSCrypt - Add sepolicy for dnscrypt proxy to run - Add
|
||
|
service entry to init.local.rc
|
||
|
|
||
|
Change-Id: Id2ee42738c10a7a024fcf25edc3a6cbe2fe0bbc8
|
||
|
---
|
||
|
prebuilt/common/etc/init.local.rc | 6 ++++++
|
||
|
sepolicy/dnscryptproxy.te | 8 ++++++++
|
||
|
2 files changed, 14 insertions(+)
|
||
|
create mode 100644 sepolicy/dnscryptproxy.te
|
||
|
|
||
|
diff --git a/prebuilt/common/etc/init.local.rc b/prebuilt/common/etc/init.local.rc
|
||
|
index 1f66b77..8042c29 100644
|
||
|
--- a/prebuilt/common/etc/init.local.rc
|
||
|
+++ b/prebuilt/common/etc/init.local.rc
|
||
|
@@ -128,6 +128,12 @@ on boot
|
||
|
# Persistent properties (only created if persist exists)
|
||
|
mkdir /persist/properties 0770 system system
|
||
|
|
||
|
+# For now default this to opendns until we modify the code to read a system propery
|
||
|
+# dnscrypt proxy
|
||
|
+service dnscrypt-proxy /system/xbin/dnscrypt-proxy
|
||
|
+ class main
|
||
|
+ disabled
|
||
|
+
|
||
|
# sysinit (/system/etc/init.d)
|
||
|
service sysinit /system/bin/sysinit
|
||
|
user root
|
||
|
diff --git a/sepolicy/dnscryptproxy.te b/sepolicy/dnscryptproxy.te
|
||
|
new file mode 100644
|
||
|
index 0000000..3f143c9
|
||
|
--- /dev/null
|
||
|
+++ b/sepolicy/dnscryptproxy.te
|
||
|
@@ -0,0 +1,8 @@
|
||
|
+allow init self:udp_socket { bind setopt write read };
|
||
|
+allow init port:udp_socket name_bind;
|
||
|
+allow init node:udp_socket node_bind;
|
||
|
+
|
||
|
+allow init self:tcp_socket { create ioctl setopt bind listen };
|
||
|
+allow init port:tcp_socket name_bind;
|
||
|
+allow init node:tcp_socket node_bind;
|
||
|
+
|
||
|
--
|
||
|
2.7.4
|
||
|
|