am 2b8bf155: am 303e139a: am b76966d6: recovery: remove auditallow for exec_type:dir writes * commit '2b8bf15531090fe56f3c545cabaf371b6e4476dc': recovery: remove auditallow for exec_type:dir writes

commit: 3a2cbf9ce70026a861d56a8853e13e3ac2185a8e [log] [tgz]
author: Nick Kralevich <nnk@google.com> Thu Mar 05 23:34:12 2015 +0000
committer: Android Git Automerger <android-git-automerger@android.com> Thu Mar 05 23:34:12 2015 +0000
tree: 7aeaa4f981984445f190d5494c339247a5f7491c
parent: f3a6abbb889f567d32df41577db7760714e957ae [diff]
parent: 2b8bf15531090fe56f3c545cabaf371b6e4476dc [diff]
diff --git a/recovery.te b/recovery.te
index 87b6b5b..8576356 100644
--- a/recovery.te
+++ b/recovery.te

@@ -36,11 +36,9 @@
   # support to OTAs. However, that code has a bug. When an update occurs,
   # some directories are inappropriately labeled as exec_type. This is
   # only transient, and subsequent steps in the OTA script correct this
-  # mistake.
-  # Allow this behavior for now until we can fix the underlying bug.
-  # b/15575013
+  # mistake. New devices are moving to block based OTAs, so this is not
+  # worth fixing. b/15575013
   allow recovery exec_type:dir { create_dir_perms relabelfrom relabelto };
-  auditallow recovery exec_type:dir { create_dir_perms relabelfrom relabelto };
 
   # Write to /proc/sys/vm/drop_caches
   # TODO: create more specific label?
commit	3a2cbf9ce70026a861d56a8853e13e3ac2185a8e	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Thu Mar 05 23:34:12 2015 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	Thu Mar 05 23:34:12 2015 +0000
tree	7aeaa4f981984445f190d5494c339247a5f7491c
parent	f3a6abbb889f567d32df41577db7760714e957ae [diff]
parent	2b8bf15531090fe56f3c545cabaf371b6e4476dc [diff]