#include <tunables/global>
-profile android_app flags=(mediate_deleted,attach_disconnected,complain) {
+profile android_app flags=(attach_disconnected, complain, mediate_deleted) {
#include <abstractions/base>
/** ix,
/dev** rw,
capability net_bind_service,
capability kill,
capability dac_override,
+ capability chown,
mount fstype=tmpfs -> /storage**,
+ mount fstype=tmpfs -> /data/misc/profiles**,
mount options in (rw,bind) options in (rw,rbind) -> /storage**,
+ mount options in (rw,bind) options in (rw,rbind) -> /data/misc/profiles**,
mount /dev/fuse -> /storage**,
mount -> /,
umount /storage**,
signal (receive),
/acct** rwkl,
+ /linkerconfig** r,
owner /data** rwkl,
/data/app** r,
+ /data/system/unsolzygotesocket rw,
+ /data/dalvik-cache** r,
/data/misc** r,
/data/lineageos_updates** r,
/apex** mr,
#include <tunables/global>
-profile lxc-waydroid flags=(mediate_deleted,attach_disconnected,complain) {
+profile lxc-waydroid flags=(attach_disconnected, complain, mediate_deleted) {
#include <abstractions/base>
/** ix,
/system/bin/app_process Pix -> lxc-waydroid//&android_app,
/var** rw,
/run** rw,
/mnt** rw,
- /apex** rw,
+ /apex** rwk,
/sbin** rw,
+ /linkerconfig** rwk,
/system** k,
mount,
umount,
projects / waydroid.git / commitdiff