diff options
author | Narayan Kamath <narayan@google.com> | 2015-06-04 13:52:44 +0100 |
---|---|---|
committer | Narayan Kamath <narayan@google.com> | 2015-06-05 13:45:39 +0100 |
commit | 01898ea4aa2dbd676c2c20a796251285a1671a96 (patch) | |
tree | 07efc36467467fe1dd41651c2340c351bb52f27a /system_server.te | |
parent | dc496c2bfb5fe53c86d317ed041836f5262802cf (diff) | |
download | android_external_sepolicy-01898ea4aa2dbd676c2c20a796251285a1671a96.tar.gz android_external_sepolicy-01898ea4aa2dbd676c2c20a796251285a1671a96.tar.bz2 android_external_sepolicy-01898ea4aa2dbd676c2c20a796251285a1671a96.zip |
Revert "Allow system_server to link,relabel and create_dir dalvikcache_data_file."
This reverts commit e929ad8b524a7e444008b657adaafff97b5dea79.
bug: 20889739
Change-Id: I6729f4e26041b481f2442a2d8c3dfb42e2d4144a
Diffstat (limited to 'system_server.te')
-rw-r--r-- | system_server.te | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/system_server.te b/system_server.te index 5d1398a..0b18eb4 100644 --- a/system_server.te +++ b/system_server.te @@ -16,25 +16,6 @@ allow system_server system_server_tmpfs:file execute; allow system_server dalvikcache_data_file:file execute; allow system_server dalvikcache_data_file:dir r_dir_perms; -# For PackageInstallerSession. -# -# All of these rules relate to the installation and compilation of split -# APKs. Roughly, the process is as follows. The rules below only pertain -# to step (3) of the process -# -# (1) Create a staging directory. -# (2) Link existing APKs from the split -# -# (3) Link existing compiled oat files : This requires "create_dir_perms" -# to create oat directories (foo/oat and foo/oat/x86), "relabelto" to -# make sure they have the right label, and "link" to link files. -# -# (3) Invoke dex2oat to compile the updated / new split -# (4) Rename the staging directory back to the final path. -allow system_server dalvikcache_data_file:file link; -allow system_server dalvikcache_data_file:dir relabelto; -allow system_server dalvikcache_data_file:dir create_dir_perms; - # /data/resource-cache allow system_server resourcecache_data_file:file r_file_perms; allow system_server resourcecache_data_file:dir r_dir_perms; |