Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / e47d2365a8955901e29a1b571f78f315f089ec38^! / . / private / system_server.te
commite47d2365a8955901e29a1b571f78f315f089ec38[log] [tgz]
authorCosmo Hsieh <cosmohsieh@google.com>Fri Jun 28 09:51:28 2019 +0000
committerCosmo Hsieh <cosmohsieh@google.com>Fri Jun 28 09:51:28 2019 +0000
treef00462ffac61b9d8561f9294882e4a91d7bff86a
parent0c0ba46192d0faf8a5fa143fbdfeb32d6bd974a9 [diff] [blame]
Revert "Allow rule to let settings access apex files"

This reverts commit 0c0ba46192d0faf8a5fa143fbdfeb32d6bd974a9.

Reason for revert: <Broken build 5695273 on aosp-master on aosp_x86_64-eng>

Change-Id: I763f19aa5b72f2e1aaebbc78bb8ab3020c3d2a7b

diff --git a/private/system_server.te b/private/system_server.te
index 33d0032..1626fab 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -1022,7 +1022,7 @@
 # needs these privileges to compare file signatures while processing installs.
 #
 # Only apexd is allowed to create new entries or write to any file under /data/apex.
-allow system_server apex_data_file:dir { getattr search };
+allow system_server apex_data_file:dir search;
 allow system_server apex_data_file:file r_file_perms;
 
 # Allow PasswordSlotManager rw access to /metadata/password_slots, so GSIs and the host image can