Allow system_server to hard link its own files

Specifically, backup of wallpaper imagery needs to use hard links to achieve "real file" access to the large imagery files without rewriting the contents all the time just to stage for backup. They can't be symlinks because the underlying backup mechanisms refuse to act on symbolic links for other security reasons. Bug 25727875 Change-Id: Ic48fba3f94c92a4b16ced27a23646296acf8f3a5

Allow system_server to hard link its own files
Specifically, backup of wallpaper imagery needs to use hard links to achieve "real file" access to the large imagery files without rewriting the contents all the time just to stage for backup. They can't be symlinks because the underlying backup mechanisms refuse to act on symbolic links for other security reasons. Bug 25727875 Change-Id: Ic48fba3f94c92a4b16ced27a23646296acf8f3a5
d9b0a34a · Christopher Tate · 44f40a7e · d9b0a34a
Commit d9b0a34a authored 9 years ago by Christopher Tate
--- a/system_server.te
+++ b/system_server.te
@@ -292,6 +292,8 @@ allow system_server system_data_file:file relabelfrom;
 allow system_server wallpaper_file:file relabelto;
 allow system_server wallpaper_file:file { rw_file_perms unlink };
+# Backup of wallpaper imagery uses temporary hard links to avoid data churn
+allow system_server { system_data_file wallpaper_file }:file link;
 # ShortcutManager icons
 allow system_server system_data_file:dir relabelfrom;