Allow User::Shell subject to create System::Shared files (via Smack transmute)

This change is required to support system wide dynamic filtering in DLog
(logger), as described below:

1. filtering is handled in the client - every client needs to access
   filters

2. filters are changed dynamically by administrator - root shell via

   a. serial console (with System::Privileged label)

   b. sdb (with User::Shell label)

3. filters are stored in /run/dlog/filters.d/FILTERS file,
   /run/dlog/filters.d has Smack::Shared & Smack transmute set

This commit ensures that case 2b is handled correctly (2a is handled
alredy).  Without this change filters would have User::Shell label,
causing applications to not be able to access these files at all -
effectively disabling runtime filtering ability.

Change-Id: I3f15ae8e9822f3396bfbaf20cab005e15b346f83
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>

diff --git a/packaging/default-ac-domains.manifest b/packaging/default-ac-domains.manifest
index f67025df219bf87d36d6dc24787aa53fbf27100f..949ff3504509ee7dea8e174c5538f8642cd1288a 100644 (file)
--- a/packaging/default-ac-domains.manifest
+++ b/packaging/default-ac-domains.manifest
@@ -94,7 +94,7 @@
     <domain name="User::Shell" policy="shared"/>
     <request>
       <smack request="System" type="wx"/>
-      <smack request="System::Shared" type="rxl"/>
+      <smack request="System::Shared" type="rxtl"/>
       <smack request="System::Run" type="rxl"/>
       <smack request="System::Log" type="w"/>
       <smack request="User" type="wx"/>