Allow update_engine to search metadata_file:dir.
This is previously needed by snapshotctl to initiate the merge, but now update_engine is responsible for initiating the merge. Bug: 147696014 Test: no selinux denial on boot. Change-Id: I7804af1354d95683f4d05fc5593d78602aefe5a7
This commit is contained in:
parent
b8c108e15f
commit
b34ede070d
@ -81,5 +81,6 @@ unix_socket_send(update_engine_common, statsdw, statsd)
|
||||
get_prop(update_engine_common, virtual_ab_prop)
|
||||
|
||||
# Allow to read/write/create OTA metadata files for snapshot status and COW file status.
|
||||
allow update_engine_common metadata_file:dir search;
|
||||
allow update_engine_common ota_metadata_file:dir rw_dir_perms;
|
||||
allow update_engine_common ota_metadata_file:file create_file_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user