On Thu, Sep 27, 2012 at 3:18 PM, Stephen Smalley
<stephen.smal...@gmail.com> wrote:
> On Thu, Sep 27, 2012 at 3:11 PM, Cesar Maiorino
> <cesar.maior...@gmail.com> wrote:
>> I've attached the log. Below is the audit2allow output (minus the shell
>> stuff):
>>
>> #============= release_app ==============
>> allow release_app device:chr_file { read write ioctl open };
>>
>> #============= untrusted_app ==============
>> allow untrusted_app device:chr_file { read write ioctl open };
>> allow untrusted_app device:sock_file write;
>> allow untrusted_app init:unix_stream_socket connectto;
>> allow untrusted_app ion_device:chr_file { read open };
>
> The "device" denials indicate that you have a device node that isn't
> properly labeled. We need to see the actual avc message to know which
> device node it is.
Looks like two devices are mislabeled, /dev/kgsl-3d0 and /dev/genlock.
Need to identify what kind of devices they are and define
file_contexts entries for them.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to majord...@tycho.nsa.gov with
the words "unsubscribe seandroid-list" without quotes as the message.
