diff options
author | Steve Kondik <shade@chemlab.org> | 2014-06-12 02:22:11 -0700 |
---|---|---|
committer | Steve Kondik <shade@chemlab.org> | 2014-06-12 02:22:11 -0700 |
commit | cbc36489a60bddbee9857aaddb027290e4b22ef8 (patch) | |
tree | d9023ce3753e06208f2dd9c0286e19274d5c6602 | |
parent | c22b6c9f022c0f64c7e48067dd5c7fa6ff67d7dd (diff) | |
download | android_external_sepolicy-cbc36489a60bddbee9857aaddb027290e4b22ef8.tar.gz android_external_sepolicy-cbc36489a60bddbee9857aaddb027290e4b22ef8.tar.bz2 android_external_sepolicy-cbc36489a60bddbee9857aaddb027290e4b22ef8.zip |
sepolicy: Fix a few denials when using backup service
Change-Id: Ia5c307a126d42f1dd5952f809f8b4ca1c686a33c
-rw-r--r-- | system.te | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -13,10 +13,18 @@ type_transition system wifi_data_file:sock_file system_wpa_socket; allow system self:zygote { specifyids specifyrlimits specifyseinfo }; allow system backup_data_file:dir relabelto; -allow system cache_backup_file:dir relabelto; allow system apk_data_file:file relabelto; allow system apk_tmp_file:file relabelto; allow system apk_private_tmp_file:file relabelto; # Access to wake locks allow system sysfs_wake_lock:file rw_file_perms; + +# BackupManagerService lets PMS create a data backup file +allow system cache_backup_file:file create_file_perms; +# Relabel /data/backup +allow system backup_data_file:dir { relabelto relabelfrom }; +# Relabel /cache/.*\.{data|restore} +allow system cache_backup_file:file { relabelto relabelfrom }; +# LocalTransport creates and relabels /cache/backup +allow system cache_backup_file:dir { relabelto relabelfrom create_dir_perms }; |