Allow shell to unlink perfetto_traces_data_file. Bug: 141704436 Test: blueline:/ $ ls -lZa /data/misc/perfetto-traces total 186 drwxrwx-wx 2 root shell u:object_r:perfetto_traces_data_file:s0 3488 2019-09-30 14:12 . drwxrwx--t 46 system misc u:object_r:system_data_file:s0 3488 2019-09-30 14:08 .. -rw------- 1 shell shell u:object_r:perfetto_traces_data_file:s0 180467 2019-09-30 14:12 profile-shell blueline:/ $ rm /data/misc/perfetto-traces/profile-shell rm ro /data/misc/perfetto-traces/profile-shell (y/N):y blueline:/ $ ls -lZa /data/misc/perfetto-traces total 6 drwxrwx-wx 2 root shell u:object_r:perfetto_traces_data_file:s0 3488 2019-09-30 14:13 . drwxrwx--t 46 system misc u:object_r:system_data_file:s0 3488 2019-09-30 14:08 .. blueline:/ $ Change-Id: Ia710068c3cca53a415347fb0a7064740e500d15d

commit: c069bc134e80f86d16d7305d67e9cf44ceffbc2b [log] [tgz]
author: Florian Mayer <fmayer@google.com> Mon Sep 30 11:09:45 2019 +0100
committer: Florian Mayer <fmayer@google.com> Mon Sep 30 13:13:14 2019 +0000
tree: 25beb455ecf1c676d30be7ec5b52515e4e4a2fca
parent: 3cda2d5c2b58c6daf322099c530669a889f0139e [diff]
diff --git a/private/shell.te b/private/shell.te
index 8a933a5..4987d27 100644
--- a/private/shell.te
+++ b/private/shell.te

@@ -52,7 +52,7 @@
 
 # Allow shell to read and unlink traces stored in /data/misc/perfetto-traces.
 allow shell perfetto_traces_data_file:dir rw_dir_perms;
-allow shell perfetto_traces_data_file:file r_file_perms;
+allow shell perfetto_traces_data_file:file { r_file_perms unlink };
 
 # Allow shell to run adb shell cmd gpu commands.
 binder_call(shell, gpuservice);
commit	c069bc134e80f86d16d7305d67e9cf44ceffbc2b	[log] [tgz]
author	Florian Mayer <fmayer@google.com>	Mon Sep 30 11:09:45 2019 +0100
committer	Florian Mayer <fmayer@google.com>	Mon Sep 30 13:13:14 2019 +0000
tree	25beb455ecf1c676d30be7ec5b52515e4e4a2fca
parent	3cda2d5c2b58c6daf322099c530669a889f0139e [diff]