change 'for-system' owner from root to clat
See https://b.corp.google.com/issues/402962730#comment27
for explanation how clat uid not having access to this
directory causes selinux denials, but basically the dynamic
linker tries to call realpath on /proc/self/exe, which fails
because it's post setuid/gid and thus running as clat/clat,
not as uid=root or gid=system which have access.
(note that the 'w' bits don't really matter since this is
embedded in an apex, and thus readonly filesystem anyway)
Bug: 402962730
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Iaf620e33d9211c9bc0c017543bb1be2f43520a51
2 files changed