sepolicy: Allow system apps to write cache and media files Updaters need to be able to read and write to these locations. Change-Id: I928a5f73ec29ab4fecb717072532d449192f3ca9

commit: ac15eaedf91aabec8ff81612819d0c1c626295ee [log] [tgz]
author: Brint E. Kriebel <bekit@cyngn.com> Tue Feb 17 17:36:37 2015 -0800
committer: Brint E. Kriebel <bekit@cyngn.com> Tue Feb 17 17:36:37 2015 -0800
tree: a789373e00caeae8876b18c2888be004a7c3dba0
parent: 9cfcfcc0162fd0dd4c39de09073da9c2112eff5d [diff]
diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
index b843de8..3f771e3 100644
--- a/sepolicy/system_app.te
+++ b/sepolicy/system_app.te

@@ -3,5 +3,7 @@
 allow system_app sysfs_devices_system_iosched:file rw_file_perms;
 
 # For the updaters
-allow system_app recovery_cache_file:dir {add_name rw_file_perms};
-allow system_app recovery_cache_file:file {create rw_file_perms};
+allow system_app recovery_cache_file:dir create_dir_perms;
+allow system_app recovery_cache_file:file create_file_perms;
+allow system_app media_rw_data_file:dir create_dir_perms;
+allow system_app media_rw_data_file:file create_file_perms;
commit	ac15eaedf91aabec8ff81612819d0c1c626295ee	[log] [tgz]
author	Brint E. Kriebel <bekit@cyngn.com>	Tue Feb 17 17:36:37 2015 -0800
committer	Brint E. Kriebel <bekit@cyngn.com>	Tue Feb 17 17:36:37 2015 -0800
tree	a789373e00caeae8876b18c2888be004a7c3dba0
parent	9cfcfcc0162fd0dd4c39de09073da9c2112eff5d [diff]