commit 544a9b1c513a478aee2f0551cf5cef408bc86cd5
author Andrew Sapperstein <asapperstein@google.com> Fri Jun 28 15:28:28 2019 +0000
committer Andrew Sapperstein <asapperstein@google.com> Fri Jun 28 15:28:28 2019 +0000
tree 5873f1f6639754ae777a7780ba99bfc49c454686
parent e47d2365a8955901e29a1b571f78f315f089ec38

Revert "Revert "Allow rule to let settings access apex files""

This reverts commit e47d2365a8955901e29a1b571f78f315f089ec38.

Reason for revert: Original CL was not the cause of the breakage. It went green before this revert landed. https://android-build.googleplex.com/builds/branches/aosp-master/grid?

Original CL went in 5695273.
Went green in 5695399.
Revert went in 5695588.

Change-Id: Ie4d7065fe7d3c58cdff99c2b7d76b50b941895bb

private/system_server.te

diff --git a/private/system_server.te b/private/system_server.te
index 1626fab..33d0032 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1022,7 +1022,7 @@
 # needs these privileges to compare file signatures while processing installs.
 #
 # Only apexd is allowed to create new entries or write to any file under /data/apex.
-allow system_server apex_data_file:dir search;
+allow system_server apex_data_file:dir { getattr search };
 allow system_server apex_data_file:file r_file_perms;
 
 # Allow PasswordSlotManager rw access to /metadata/password_slots, so GSIs and the host image can