Add policies for system_server to delete fpdata folder Bug: 26211308 Change-Id: I8fd2d14ea52d49a33e6cdbcdf90630eea89f7dd0

commit: 107c55393c680eb14d5dee11f060b943b8d2e9aa [log] [tgz]
author: Amith Yamasani <yamasani@google.com> Tue Dec 15 17:20:06 2015 -0800
committer: Amith Yamasani <yamasani@google.com> Thu Dec 17 12:33:06 2015 -0800
tree: 11fa4a922b19c34ac814a49acbb9a3a69cad16d4
parent: cb1ab9858e4f44ee87c4a86f1cc9e858b8b36475 [diff]
diff --git a/system_server.te b/system_server.te
index 96d8773..2616c46 100644
--- a/system_server.te
+++ b/system_server.te

@@ -424,7 +424,9 @@
 allow system_server mnt_expand_file:dir r_dir_perms;
 
 # Allow system process to relabel the fingerprint directory after mkdir
-allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto};
+# and delete the directory and files when no longer needed
+allow system_server fingerprintd_data_file:dir { r_dir_perms remove_name rmdir relabelto write };
+allow system_server fingerprintd_data_file:file { getattr unlink };
 
 userdebug_or_eng(`
   # Allow system server to create and write method traces in /data/misc/trace.
commit	107c55393c680eb14d5dee11f060b943b8d2e9aa	[log] [tgz]
author	Amith Yamasani <yamasani@google.com>	Tue Dec 15 17:20:06 2015 -0800
committer	Amith Yamasani <yamasani@google.com>	Thu Dec 17 12:33:06 2015 -0800
tree	11fa4a922b19c34ac814a49acbb9a3a69cad16d4
parent	cb1ab9858e4f44ee87c4a86f1cc9e858b8b36475 [diff]