Allow installd to restorecon /data/data.

Ability to relabel from/to any of the types that can be assigned to /data/data directories as per seapp_contexts type= assignments. Change-Id: I05e8b438950ddb908e46c9168ea6ee601e6d674f Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Allow installd to restorecon /data/data.
ee5ddb21 · Stephen Smalley · c4344898 · ee5ddb21
Commit ee5ddb21 authored 11 years ago by Stephen Smalley
--- a/installd.te
+++ b/installd.te
@@ -28,3 +28,18 @@ allow installd bluetooth_data_file:lnk_file { create setattr };
 allow installd nfc_data_file:lnk_file { create setattr };
 allow installd radio_data_file:lnk_file { create setattr };
 allow installd shell_data_file:lnk_file { create setattr };
+# restorecon /data/data
+allow installd unlabeled:dir relabelfrom;
+allow installd unlabeled:notdevfile_class_set relabelfrom;
+allow installd system_data_file:dir { relabelfrom relabelto };
+allow installd system_data_file:notdevfile_class_set { relabelfrom relabelto };
+allow installd bluetooth_data_file:dir { relabelfrom relabelto };
+allow installd bluetooth_data_file:notdevfile_class_set { relabelfrom relabelto };
+allow installd nfc_data_file:dir { relabelfrom relabelto };
+allow installd nfc_data_file:notdevfile_class_set { relabelfrom relabelto };
+allow installd radio_data_file:dir { relabelfrom relabelto };
+allow installd radio_data_file:notdevfile_class_set { relabelfrom relabelto };
+allow installd app_data_file:dir { relabelfrom relabelto };
+allow installd app_data_file:notdevfile_class_set { relabelfrom relabelto };
+allow installd shell_data_file:dir { relabelfrom relabelto };
+allow installd shell_data_file:notdevfile_class_set { relabelfrom relabelto };