Define sepolicy for ferrocrhome app it needs to use debug sysprop for a while Bug: 348113995 Test: run ferrochrome app Change-Id: Ibc518c71a4533ad846514af02cbf5bffb9916d81

commit: e96a52c34a06830ac896d4fc8fdd9b236e0f9aba [log] [tgz]
author: Jeongik Cha <jeongik@google.com> Wed Jul 17 16:07:37 2024 +0900
committer: Jeongik Cha <jeongik@google.com> Wed Jul 17 16:09:03 2024 +0900
tree: ddf43f1ce744d002b422735532b7fbc983d7d0d8
parent: d168188b615b9d63bc328b15809fe6eab73942d1 [diff] [blame]
diff --git a/private/ferrochrome_app.te b/private/ferrochrome_app.te
new file mode 100644
index 0000000..e12c84c
--- /dev/null
+++ b/private/ferrochrome_app.te

@@ -0,0 +1,11 @@
+type ferrochrome_app, domain;
+typeattribute ferrochrome_app coredomain;
+
+app_domain(ferrochrome_app)
+
+allow ferrochrome_app app_api_service:service_manager find;
+allow ferrochrome_app system_api_service:service_manager find;
+
+# TODO(b/348113995): after remove sysprop usage, we can use just (priv_)app.te
+set_prop(ferrochrome_app, debug_prop);
+get_prop(ferrochrome_app, debug_prop);
commit	e96a52c34a06830ac896d4fc8fdd9b236e0f9aba	[log] [tgz]
author	Jeongik Cha <jeongik@google.com>	Wed Jul 17 16:07:37 2024 +0900
committer	Jeongik Cha <jeongik@google.com>	Wed Jul 17 16:09:03 2024 +0900
tree	ddf43f1ce744d002b422735532b7fbc983d7d0d8
parent	d168188b615b9d63bc328b15809fe6eab73942d1 [diff] [blame]