Allow creating /data/tombstones files by system_server. Needed for ag/18773746 Bug: 225173288 Test: atest ErrorsTest + manual Change-Id: I31bab12a59babd9a197cfb03d2417b926e60af84

commit: 252a0502c8db355bde5a2fac2922bb9d70b0d60a [log] [tgz]
author: Siim Sammul <siims@google.com> Wed Jun 01 13:53:01 2022 +0100
committer: Siim Sammul <siims@google.com> Wed Jun 29 15:07:01 2022 +0000
tree: d52f1807a26158bcca165da0e4891a50765b7b85
parent: b947c738505c39d5354b9aae6d2d26254e0df0e6 [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 85675de..762f136 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -601,12 +601,9 @@
 allow system_server textclassifier_data_file:dir create_dir_perms;
 allow system_server textclassifier_data_file:file create_file_perms;
 
-# Access /data/tombstones.
-allow system_server tombstone_data_file:dir r_dir_perms;
-allow system_server tombstone_data_file:file r_file_perms;
-
-# Allow write access to be able to truncate tombstones.
-allow system_server tombstone_data_file:file write;
+# Manage /data/tombstones.
+allow system_server tombstone_data_file:dir rw_dir_perms;
+allow system_server tombstone_data_file:file create_file_perms;
 
 # Manage /data/misc/vpn.
 allow system_server vpn_data_file:dir create_dir_perms;
commit	252a0502c8db355bde5a2fac2922bb9d70b0d60a	[log] [tgz]
author	Siim Sammul <siims@google.com>	Wed Jun 01 13:53:01 2022 +0100
committer	Siim Sammul <siims@google.com>	Wed Jun 29 15:07:01 2022 +0000
tree	d52f1807a26158bcca165da0e4891a50765b7b85
parent	b947c738505c39d5354b9aae6d2d26254e0df0e6 [diff] [blame]