Merge "Allow update_engine to write snapshotctl log data"

commit: f58e6777b2fd7029ecc115efbf9dc452c2532b90 [log] [tgz]
author: Yifan Hong <elsk@google.com> Wed Feb 05 17:57:46 2020 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Feb 05 17:57:46 2020 +0000
tree: fa7d09b0bb9d4cf17f69d1a56505e66642dfd407
parent: 54411b5e3c68cc523efcbfb6c5464d3e914762e0 [diff]
parent: 47ee18d67aa1007610c19b4bede1cebd0d51ffff [diff]
diff --git a/public/update_engine.te b/public/update_engine.te
index a6be3d3..078e494 100644
--- a/public/update_engine.te
+++ b/public/update_engine.te

@@ -75,3 +75,10 @@
 # gsi_metadata_file. We never apply OTAs when GSI is running, so just deny
 # the access.
 dontaudit update_engine gsi_metadata_file:dir search;
+
+# Allow to write to snapshotctl_log logs.
+# TODO(b/148818798) revert when parent bug is fixed.
+userdebug_or_eng(`
+allow update_engine snapshotctl_log_data_file:dir rw_dir_perms;
+allow update_engine snapshotctl_log_data_file:file create_file_perms;
+')
commit	f58e6777b2fd7029ecc115efbf9dc452c2532b90	[log] [tgz]
author	Yifan Hong <elsk@google.com>	Wed Feb 05 17:57:46 2020 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Feb 05 17:57:46 2020 +0000
tree	fa7d09b0bb9d4cf17f69d1a56505e66642dfd407
parent	54411b5e3c68cc523efcbfb6c5464d3e914762e0 [diff]
parent	47ee18d67aa1007610c19b4bede1cebd0d51ffff [diff]