From c2594f36e789bbd49cbeeb9421a7b6a16cd30ba4 Mon Sep 17 00:00:00 2001
From: Geremy Condra <gcondra@google.com>
Date: Sat, 30 Mar 2013 17:27:43 -0700
Subject: [PATCH] Give system ownership of selinux load and enforce files.

This is necessary to enable remote updates.

Change-Id: I05fb979c0360eca4cc6e4add48bb42f712a1ba17
---
 rootdir/init.rc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/rootdir/init.rc b/rootdir/init.rc
index e6583e352..89ec18a36 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -348,6 +348,10 @@ on boot
     chown system system /sys/kernel/ipv4/tcp_rmem_max
     chown root radio /proc/cmdline
 
+# Set these so we can remotely update SELinux policy
+    chown system system /sys/fs/selinux/load
+    chown system system /sys/fs/selinux/enforce
+
 # Define TCP buffer sizes for various networks
 #   ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,
     setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208