04a85a1ba0
Ignore-AOSP-First: T finalization Bug: 225745567 Test: Build Change-Id: I49fb91c7a60fb1e871bdf3553d978bb16c476fd7 Merged-In: I49fb91c7a60fb1e871bdf3553d978bb16c476fd7
18 lines
758 B
Text
18 lines
758 B
Text
type preloads_copy, domain, coredomain;
|
|
type preloads_copy_exec, system_file_type, exec_type, file_type;
|
|
|
|
init_daemon_domain(preloads_copy)
|
|
|
|
allow preloads_copy shell_exec:file rx_file_perms;
|
|
allow preloads_copy toolbox_exec:file rx_file_perms;
|
|
allow preloads_copy preloads_data_file:dir create_dir_perms;
|
|
allow preloads_copy preloads_data_file:file create_file_perms;
|
|
allow preloads_copy preloads_media_file:dir create_dir_perms;
|
|
allow preloads_copy preloads_media_file:file create_file_perms;
|
|
|
|
# Allow to copy from /postinstall
|
|
allow preloads_copy system_file:dir r_dir_perms;
|
|
|
|
# Silence the denial when /postinstall cannot be mounted, e.g., system_other
|
|
# is wiped, but preloads_copy.sh still runs.
|
|
dontaudit preloads_copy postinstall_mnt_dir:dir search;
|