Add rules for snapshotctl snapshotctl is a shell interface for libsnapshot. After rebooting into an updated build, on sys.boot_completed, init calls snapshotctl to merge snapshots. In order to do that, it needs to: - Talk to gsid to mount and unmount COW images - read the current slot suffix to do checks (and avoid merging snapshots when it shouldn't). - read / write OTA metadata files to understand states of the snapshot - delete OTA metadata files once a snapshot is merged - collapse the snapshot device-mapper targets into a plain dm-linear target by re-mapping devices on device-mapper Test: reboot after OTA, see merge completed without denials Bug: 135752105 Change-Id: Idfe99d4004e24805d56cd0ab2479557f237c2448

commit: f375337cc8fe5d1c00450754314661bebb74a933 [log] [tgz]
author: Yifan Hong <elsk@google.com> Fri Sep 20 15:14:23 2019 -0700
committer: Yifan Hong <elsk@google.com> Wed Oct 02 16:30:00 2019 -0700
tree: f482829f452d1e1169445b7eb6ce14b5ad17968c
parent: a4b3e6f62a930ae584e9c0c430036bcc74c35407 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index c90b5c3..05ad416 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -253,6 +253,7 @@
 /system/bin/recovery-persist     u:object_r:recovery_persist_exec:s0
 /system/bin/recovery-refresh     u:object_r:recovery_refresh_exec:s0
 /system/bin/sdcard      u:object_r:sdcardd_exec:s0
+/system/bin/snapshotctl      u:object_r:snapshotctl_exec:s0
 /system/bin/dhcpcd      u:object_r:dhcp_exec:s0
 /system/bin/dhcpcd-6\.8\.2	u:object_r:dhcp_exec:s0
 /system/bin/mtpd	u:object_r:mtp_exec:s0
commit	f375337cc8fe5d1c00450754314661bebb74a933	[log] [tgz]
author	Yifan Hong <elsk@google.com>	Fri Sep 20 15:14:23 2019 -0700
committer	Yifan Hong <elsk@google.com>	Wed Oct 02 16:30:00 2019 -0700
tree	f482829f452d1e1169445b7eb6ce14b5ad17968c
parent	a4b3e6f62a930ae584e9c0c430036bcc74c35407 [diff] [blame]