Allow system_server to read oat dir

Required for PackageManagerService to perform restorecon recursively on a staging dir. Addresses the following denial: avc: denied { open } for name="oat" dev="mmcblk0p28" ino=163027 scontext=u:r:system_server:s0 tcontext=u:object_r:dalvikcache_data_file:s0 tclass=dir Bug: 19550105 Bug: 20087446 Change-Id: I0f6ebb79745091ecb4d6d3dbe92f65606b7469da
2015-04-06 19:26:33 -07:00 · 2015-04-06 19:26:33 -07:00 · 3af8c9d0ef
commit 3af8c9d0ef
parent d4c78f4b3f
1 changed files with 1 additions and 0 deletions
--- a/system_server.te
+++ b/system_server.te
@ -14,6 +14,7 @@ allow system_server system_server_tmpfs:file execute;

 # For art.
 allow system_server dalvikcache_data_file:file execute;
+allow system_server dalvikcache_data_file:dir r_dir_perms;

 # /data/resource-cache
 allow system_server resourcecache_data_file:file r_file_perms;