shinano-common: fix selinux denial in credmgrd

Fixes the denial: avc: denied { append } for pid=327 comm="credmgrfirstboo" name= "credmgr.log" dev="mmcblk0p24" ino=12 scontext=u:r:credmgrd:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=0 Also fixes issue with camera not working on first boot on aries. Change-Id: I726ff6a30745929f01f62d8504e0e0621e414ad7
author: Steven Lay <arbiter1000@gmail.com> 2017-07-20 09:05:34 +0000
committer: Steven Lay <arbiter1000@gmail.com> 2017-07-21 02:54:51 +0000
commit: 768059d27a85eb9be40b6c9570193d9a9cb8ba72 (patch)
tree: 0e8b69437cbb6d0182fde1a9f7bbc3c887c9e88f
parent: 370c2bcd6bb97083881ed7da13f9958b88d7411c (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te
index 5383834..78db47a 100644
--- a/sepolicy/credmgrd.te
+++ b/sepolicy/credmgrd.te
@@ -59,7 +59,7 @@ allow credmgrd ion_device:chr_file { ioctl open read };
 
 #============= credmgr init script ==============
 allow credmgrd cache_file:dir { add_name search };
-allow credmgrd cache_file:file { create getattr open read unlink write };
+allow credmgrd cache_file:file { append create getattr open read unlink write };
 allow credmgrd credmgrd_data_file:dir { add_name getattr relabelto reparent rename rmdir search };
 allow credmgrd credmgrd_data_file:file { append getattr open read unlink write };
 allow credmgrd credmgrd_prop:property_service set;
author	Steven Lay <arbiter1000@gmail.com>	2017-07-20 09:05:34 +0000
committer	Steven Lay <arbiter1000@gmail.com>	2017-07-21 02:54:51 +0000
commit	768059d27a85eb9be40b6c9570193d9a9cb8ba72 (patch)
tree	0e8b69437cbb6d0182fde1a9f7bbc3c887c9e88f
parent	370c2bcd6bb97083881ed7da13f9958b88d7411c (diff)