sepolicy: add rules for updater and update_engine

* We need special exceptions for update_engine scripts because we
  handle backuptool operations through it.

* priv_app needs to be able to make ota package dirs in order to
  put the ota in the correct spot.

Change-Id: I39d9d43ea4eb9e567c6ee24a4cd4f8969cd2bcdd
diff --git a/sepolicy/private/rootfs.te b/sepolicy/private/rootfs.te
new file mode 100644
index 0000000..7cfb964
--- /dev/null
+++ b/sepolicy/private/rootfs.te
@@ -0,0 +1 @@
+allow rootfs labeledfs:filesystem associate;
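Review bot: The one rule added in sepolicy/private/rootfs.te has no comment, and the commit message does not account for it. The message covers update_engine handling backuptool operations and priv_app creating OTA package dirs, while this line permits objects labeled rootfs to be associated with any filesystem typed labeledfs. Please add a comment above the allow naming the update or backuptool step that leaves rootfs-labeled files on a labeled filesystem. Also consider giving those files a dedicated type so the broad associate permission on rootfs is not needed.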