Merge "Allow idmap1 to read vmdl*.tmp APK install files"
am: e4af840db6
Change-Id: I568001cc07d9aa8079ceb665d3d1695d0fcb3302
This commit is contained in:
commit
8d18a3bd51
1 changed files with 5 additions and 1 deletions
|
@ -2,7 +2,7 @@
|
||||||
type idmap, domain;
|
type idmap, domain;
|
||||||
type idmap_exec, system_file_type, exec_type, file_type;
|
type idmap_exec, system_file_type, exec_type, file_type;
|
||||||
|
|
||||||
# STOPSHIP remove /system/bin/idmap and the link between idmap and installd (b/118711077)
|
# TODO remove /system/bin/idmap and the link between idmap and installd (b/118711077)
|
||||||
# Use open file to /data/resource-cache file inherited from installd.
|
# Use open file to /data/resource-cache file inherited from installd.
|
||||||
allow idmap installd:fd use;
|
allow idmap installd:fd use;
|
||||||
allow idmap resourcecache_data_file:file create_file_perms;
|
allow idmap resourcecache_data_file:file create_file_perms;
|
||||||
|
@ -15,6 +15,10 @@ dontaudit idmap installd:file read;
|
||||||
allow idmap apk_data_file:file r_file_perms;
|
allow idmap apk_data_file:file r_file_perms;
|
||||||
allow idmap apk_data_file:dir search;
|
allow idmap apk_data_file:dir search;
|
||||||
|
|
||||||
|
# Allow /data/app/vmdl*.tmp, /data/app-private/vmdl*.tmp files
|
||||||
|
allow idmap { apk_tmp_file apk_private_tmp_file }:file r_file_perms;
|
||||||
|
allow idmap { apk_tmp_file apk_private_tmp_file }:dir search;
|
||||||
|
|
||||||
# Allow apps access to /vendor/app
|
# Allow apps access to /vendor/app
|
||||||
r_dir_file(idmap, vendor_app_file)
|
r_dir_file(idmap, vendor_app_file)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue