Give system_server / system_app ability to write some properties
Allow writing to persist.sys and debug.
This addresses the following denials (which are actually being enforced):
<4>[ 131.700473] avc: denied { set } for property=debug.force_rtl scontext=u:r:system_server:s0 tcontext=u:object_r:shell_prop:s0 tclass=property_service
<3>[ 131.700625] init: sys_prop: permission denied uid:1000 name:debug.force_rtl
<4>[ 132.630062] avc: denied { set } for property=persist.sys.dalvik.vm.lib scontext=u:r:system_app:s0 tcontext=u:object_r:system_prop:s0 tclass=property_service
<3>[ 132.630184] init: sys_prop: permission denied uid:1000 name:persist.sys.dalvik.vm.lib
Change-Id: I5d114c0d963bf393f49f1bf13d1ed84137fbcca6
diff --git a/system_server.te b/system_server.te
index cae5cb0..782c27f 100644
--- a/system_server.te
+++ b/system_server.te
@@ -147,6 +147,7 @@
# Property Service write
allow system_server system_prop:property_service set;
allow system_server radio_prop:property_service set;
+allow system_server debug_prop:property_service set;
# ctl interface
allow system_server ctl_default_prop:property_service set;