NikhilChaubey

selinux-implementation good-question-SO visual_guide_to_sepolicy Policy files Files that end with *.te are SELinux policy source files, which define domains and their labels. You may need to create new policy files in /device/ manufacturer / device-name /sepolicy , but you should try to update existing files where possible.  Context files Context files are where you specify labels for your objects. file_contexts assigns labels to files and is used by various userspace components. As you create new policies, create or update this file to assign new labels to files. To apply new file_contexts , rebuild the filesystem image or run restorecon on the file to be relabeled. On upgrades, changes to file_contexts are automatically applied to the system and userdata partitions as part of the upgrade. Changes can also be automatically applied on upgrade to other partitions by adding restorecon_recursive calls to your init. board .rc file afte...