diff options
author | Amith Yamasani <yamasani@google.com> | 2015-12-15 17:20:06 -0800 |
---|---|---|
committer | Amith Yamasani <yamasani@google.com> | 2015-12-18 00:26:17 +0000 |
commit | 4fc1397d973c5f3c75e6033b8d328c2781dcaa8b (patch) | |
tree | 84e01fb2b8535d13b332e4398a16a72f9a2480d5 | |
parent | 1c749e0769b7d0dbe510b9d77d1b81cd817956d4 (diff) | |
download | android_external_sepolicy-4fc1397d973c5f3c75e6033b8d328c2781dcaa8b.tar.gz android_external_sepolicy-4fc1397d973c5f3c75e6033b8d328c2781dcaa8b.tar.bz2 android_external_sepolicy-4fc1397d973c5f3c75e6033b8d328c2781dcaa8b.zip |
Add policies for system_server to delete fpdata folder
Bug: 26211308
Change-Id: I8fd2d14ea52d49a33e6cdbcdf90630eea89f7dd0
-rw-r--r-- | system_server.te | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/system_server.te b/system_server.te index c9d8f3b..a56beff 100644 --- a/system_server.te +++ b/system_server.te @@ -432,7 +432,9 @@ allow system_server sdcard_type:dir { getattr search }; allow system_server mnt_expand_file:dir r_dir_perms; # Allow system process to relabel the fingerprint directory after mkdir -allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto}; +# and delete the directory and files when no longer needed +allow system_server fingerprintd_data_file:dir { r_dir_perms remove_name rmdir relabelto write }; +allow system_server fingerprintd_data_file:file { getattr unlink }; ### ### Neverallow rules |