From 2380d05f9791b6789b81e28ca8841df1b8b62c6d Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Fri, 10 Oct 2014 15:56:22 -0700
Subject: [PATCH] allow system_server oemfs read access

Bug: 17954291
Change-Id: Ia904fff65df5142732928561d81ea0ece0c52a8d
---
 system_server.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system_server.te b/system_server.te
index e55a43551..97d159d87 100644
--- a/system_server.te
+++ b/system_server.te
@@ -391,7 +391,7 @@ allow system_server frp_block_device:blk_file rw_file_perms;
 allow system_server cgroup:dir { remove_name rmdir };
 
 # /oem access
-allow system_server oemfs:dir search;
+r_dir_file(system_server, oemfs)
 
 ###
 ### Neverallow rules
-- 
GitLab