Allow to execute postinstall in adb sideload In recovery, everything is labeled rootfs, including /system/bin/*. Allow postinstall to execute them in recovery. Test: sideload Bug: 116608795 Fixes: 119877813 Change-Id: I5682bdecd0df1cb9ff3bc968ea29449b0b8588f4

commit: 1817cbde1452fb0cba8682d54f20da8048661c64 [log] [tgz]
author: Yifan Hong <elsk@google.com> Wed Nov 21 13:34:34 2018 -0800
committer: Yifan Hong <elsk@google.com> Wed Nov 21 16:23:45 2018 -0800
tree: e8a38cff04e2e20127cc8b92b53cbab24b4ee564
parent: ac317b915eeb96265e4681bebab3b711ab0eb7bf [diff]
diff --git a/public/postinstall.te b/public/postinstall.te
index 7fd4dc6..2ef68bd 100644
--- a/public/postinstall.te
+++ b/public/postinstall.te

@@ -19,6 +19,11 @@
 allow postinstall system_file:file rx_file_perms;
 allow postinstall toolbox_exec:file rx_file_perms;
 
+# Allow postinstall to execute shell in recovery.
+recovery_only(`
+  allow postinstall rootfs:file rx_file_perms;
+')
+
 #
 # For OTA dexopt.
 #
commit	1817cbde1452fb0cba8682d54f20da8048661c64	[log] [tgz]
author	Yifan Hong <elsk@google.com>	Wed Nov 21 13:34:34 2018 -0800
committer	Yifan Hong <elsk@google.com>	Wed Nov 21 16:23:45 2018 -0800
tree	e8a38cff04e2e20127cc8b92b53cbab24b4ee564
parent	ac317b915eeb96265e4681bebab3b711ab0eb7bf [diff]