Allow incidentd to parse persisted log
Allow incidentd to run incident-helper-cmd, a Java program spawn by
app_process.
Allow incidentd to read /data/misc/logd and its files on userdebug
and eng build.
Bug: 147924172
Test: Build, flash and verify "adb shell incident -p EXPLICIT 1116"
can parse persisted logs.
Change-Id: Id0aa4286c304a336741ce8c0949b12ec559c2e16
diff --git a/private/logpersist.te b/private/logpersist.te
index 6f6ab50..ac324df 100644
--- a/private/logpersist.te
+++ b/private/logpersist.te
@@ -24,6 +24,6 @@
userdebug_or_eng(`-misc_logd_file -coredump_file')
with_native_coverage(`-method_trace_data_file')
}:file { create write append };
-neverallow { domain -init -dumpstate userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain -init -dumpstate -incidentd userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };