diff --git a/init/builtins.c b/init/builtins.c index 06180a1f2..9ae9ba3f7 100644 --- a/init/builtins.c +++ b/init/builtins.c @@ -516,12 +516,6 @@ int do_mount_all(int nargs, char **args) return ret; } -int do_selinux_reload(int nargs, char **args) { - if (is_selinux_enabled() <= 0) - return 0; - return selinux_reload_policy(); -} - int do_setcon(int nargs, char **args) { if (is_selinux_enabled() <= 0) return 0; diff --git a/init/init_parser.c b/init/init_parser.c index a79d3a17c..a1d242355 100644 --- a/init/init_parser.c +++ b/init/init_parser.c @@ -140,7 +140,6 @@ int lookup_keyword(const char *s) break; case 's': if (!strcmp(s, "eclabel")) return K_seclabel; - if (!strcmp(s, "elinux_reload_policy")) return K_selinux_reload_policy; if (!strcmp(s, "ervice")) return K_service; if (!strcmp(s, "etcon")) return K_setcon; if (!strcmp(s, "etenforce")) return K_setenforce; diff --git a/init/keywords.h b/init/keywords.h index 275c64d94..f14750647 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -19,7 +19,6 @@ int do_restart(int nargs, char **args); int do_restorecon(int nargs, char **args); int do_rm(int nargs, char **args); int do_rmdir(int nargs, char **args); -int do_selinux_reload(int nargs, char **args); int do_setcon(int nargs, char **args); int do_setenforce(int nargs, char **args); int do_setkey(int nargs, char **args); @@ -74,7 +73,6 @@ enum { KEYWORD(rm, COMMAND, 1, do_rm) KEYWORD(rmdir, COMMAND, 1, do_rmdir) KEYWORD(seclabel, OPTION, 0, 0) - KEYWORD(selinux_reload_policy, COMMAND, 0, do_selinux_reload) KEYWORD(service, SECTION, 0, 0) KEYWORD(setcon, COMMAND, 1, do_setcon) KEYWORD(setenforce, COMMAND, 1, do_setenforce) diff --git a/init/property_service.c b/init/property_service.c index 5387422d9..10be3f599 100644 --- a/init/property_service.c +++ b/init/property_service.c @@ -389,6 +389,9 @@ int property_set(const char *name, const char *value) * to prevent them from being overwritten by default values. */ write_persistent_property(name, value); + } else if (strcmp("selinux.reload_policy", name) == 0 && + strcmp("1", value) == 0) { + selinux_reload_policy(); } property_changed(name, value); return 0; diff --git a/rootdir/init.rc b/rootdir/init.rc index 03877b434..09017af4f 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -177,9 +177,6 @@ on post-fs mkdir /cache/lost+found 0770 root root on post-fs-data - # reload SELinux based on what we find on the data partition - selinux_reload_policy - # We chown/chmod /data again so because mount is run as root + defaults chown system system /data chmod 0771 /data @@ -413,7 +410,6 @@ service ueventd /sbin/ueventd seclabel u:r:ueventd:s0 on property:selinux.reload_policy=1 - selinux_reload_policy restart ueventd restart installd