From 107c55393c680eb14d5dee11f060b943b8d2e9aa Mon Sep 17 00:00:00 2001
From: Amith Yamasani <yamasani@google.com>
Date: Tue, 15 Dec 2015 17:20:06 -0800
Subject: [PATCH] Add policies for system_server to delete fpdata folder

Bug: 26211308
Change-Id: I8fd2d14ea52d49a33e6cdbcdf90630eea89f7dd0
---
 system_server.te | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/system_server.te b/system_server.te
index 96d8773f7..2616c46ba 100644
--- a/system_server.te
+++ b/system_server.te
@@ -424,7 +424,9 @@ allow system_server sdcard_type:dir { getattr search };
 allow system_server mnt_expand_file:dir r_dir_perms;
 
 # Allow system process to relabel the fingerprint directory after mkdir
-allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto};
+# and delete the directory and files when no longer needed
+allow system_server fingerprintd_data_file:dir { r_dir_perms remove_name rmdir relabelto write };
+allow system_server fingerprintd_data_file:file { getattr unlink };
 
 userdebug_or_eng(`
   # Allow system server to create and write method traces in /data/misc/trace.
-- 
GitLab