Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-16 / . / private / preloads_copy.te
blob: ba54b70acad2b89a5cbe4e0610d585ce7154555f [file] [log] [blame]
Anton Hanssonedd13bc2018-10-23 16:50:51 +0100[diff] [blame]1type preloads_copy, domain, coredomain;
2type preloads_copy_exec, system_file_type, exec_type, file_type;
3
4init_daemon_domain(preloads_copy)
5
6allow preloads_copy shell_exec:file rx_file_perms;
7allow preloads_copy toolbox_exec:file rx_file_perms;
8allow preloads_copy preloads_data_file:dir create_dir_perms;
9allow preloads_copy preloads_data_file:file create_file_perms;
10allow preloads_copy preloads_media_file:dir create_dir_perms;
11allow preloads_copy preloads_media_file:file create_file_perms;
12
13# Allow to copy from /postinstall
14allow preloads_copy system_file:dir r_dir_perms;
Bowgo Tsai35c2f102020-03-30 21:45:52 +0800[diff] [blame]15
16# Silence the denial when /postinstall cannot be mounted, e.g., system_other
17# is wiped, but preloads_copy.sh still runs.
18dontaudit preloads_copy postinstall_mnt_dir:dir search;