Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 0f3c37aecc3212ee9b418a5a25067fe23a9f8a65^1..0f3c37aecc3212ee9b418a5a25067fe23a9f8a65 / .
commit0f3c37aecc3212ee9b418a5a25067fe23a9f8a65[log] [tgz]
authorDaniel Rosenberg <drosen@google.com>Thu Mar 31 02:39:06 2016 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Thu Mar 31 02:39:06 2016 +0000
tree2a267d46a7dbf7733db34431f943c721b971eed5
parent4056af811fd30e426f7cea62396500aa9e11c1f2 [diff]
parentbb90999e9aa3ca4692f0e54f029385822f3bdd2d [diff]
Merge "Allow shell and adbd access to media_rw_data_file for now." into nyc-dev
diff --git a/adbd.te b/adbd.te
index de0c981..27ffdd8 100644
--- a/adbd.te
+++ b/adbd.te

@@ -100,3 +100,7 @@
 allow adbd storage_file:lnk_file r_file_perms;
 allow adbd mnt_user_file:dir r_dir_perms;
 allow adbd mnt_user_file:lnk_file r_file_perms;
+
+# Access to /data/media.
+allow adbd media_rw_data_file:dir create_dir_perms;
+allow adbd media_rw_data_file:file create_file_perms;

diff --git a/shell.te b/shell.te
index d1c385b..fc5c276 100644
--- a/shell.te
+++ b/shell.te

@@ -122,6 +122,10 @@
 # Allow access to ion memory allocation device.
 allow shell ion_device:chr_file rw_file_perms;
 
+# Access to /data/media.
+allow shell media_rw_data_file:dir create_dir_perms;
+allow shell media_rw_data_file:file create_file_perms;
+
 ###
 ### Neverallow rules
 ###