Revert^2 "Introduce derive_classpath."
5fd85de907f9c22ab7a540b5b3dda156962c18bc
Bug: 180105615
Test: manual boot of cuttlefish and gphone emulator
Change-Id: I9e43268d3b745e65b5ccc0a4896a7e55a253659d
diff --git a/private/derive_classpath.te b/private/derive_classpath.te
new file mode 100644
index 0000000..71960d3
--- /dev/null
+++ b/private/derive_classpath.te
@@ -0,0 +1,12 @@
+
+# Domain for derive_classpath
+type derive_classpath, domain, coredomain;
+type derive_classpath_exec, system_file_type, exec_type, file_type;
+init_daemon_domain(derive_classpath)
+
+# Create /data/system/environ/classpath file
+allow derive_classpath environ_system_data_file:dir rw_dir_perms;
+allow derive_classpath environ_system_data_file:file create_file_perms;
+
+# b/183079517 fails on gphone targets otherwise
+allow derive_classpath unlabeled:dir search;
diff --git a/private/file.te b/private/file.te
index 910210d..984a7b6 100644
--- a/private/file.te
+++ b/private/file.te
@@ -53,3 +53,6 @@
# /data/misc/odsign
type odsign_data_file, file_type, data_file_type, core_data_file_type;
+
+# /data/system/environ
+type environ_system_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/private/file_contexts b/private/file_contexts
index f8bb5ec..1347797 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -504,6 +504,7 @@
#
/data u:object_r:system_data_root_file:s0
/data/(.*)? u:object_r:system_data_file:s0
+/data/system/environ(/.*)? u:object_r:environ_system_data_file:s0
/data/system/packages\.list u:object_r:packages_list_file:s0
/data/unencrypted(/.*)? u:object_r:unencrypted_data_file:s0
/data/backup(/.*)? u:object_r:backup_data_file:s0