On 09/25/2014 05:52 AM, harish kavali wrote: > Dear all, > > I am trying to run my apps which are self-signed with my custom key > under my custom domain .I had followed the below steps , but unfortunately > my app not running in my custom domain but it is running in untrusted_app > domain. > > 1.creating the custom keys > make_key customkey "/C=IN/ST=AP/L=Hyderabad/CN=www. > <http://www.cdachyd.in/>example.com" given password: abc123 it generated > customkey.x509.pem, customkey.pk8, copied these keys in > "*build/target/product/security/" > *2.added [@CUSTOMKEY] in keys.conf > ALL: customkey.x509.pem > > 3.created new domain named custom_app.te just copied the contents of > untrusted_app.te and named it as custom_app.te and stored it in the " > *device/lge/hammerhead/sepolicy*" > 4.added seapp_contexts entry in " > *device/lge/hammerhead/sepolicy/seapp_contexts*" > > user=_app seinfo=custom domain=custom_app type=app_data_file > > 5.added a mac_permissions.xml file to " > *device/lge/hammerhead/sepolicy/mac_permissions.xml*" > which contains > > <policy> <!-- custom key --> <signer signature="@CUSTOM"> <seinfo > value="custom" /> </signer> </policy> > > 6.changed the BoardConfig.mk file > > BOARD_SEPOLICY_UNION := \ device.te \ app.te \ cdac_app.te\ seapp_contexts\ > mac_permissions.xml\ file_contexts > > 7.build the aosp source by executing > > lunch aosp_hammerhead-userdebug > > flashed the device with generated image > > 8.signed one sample application with same custom_keys created before > java -jar signapk.jar customkey.x509.pem customkey.pk8 Sample.apk > application_signed.apk > Zipaligned the apk with zipalign command and installed the apk > > launched the apk and executed ps -Z command from adb shell > > u:r:untrusted_app:s0 u0_a53 1961 178 com.example.sample > > but this is not expected, ps -Z should give > > u:r:custom_app:s0 u0_a53 1961 178 com.example.sample > > i had checked /system/etc/security/mac_permissions.xml in shell > my signer tag for custom domain had added in it with expanded x509 > signature > > i had checked /seapp_contests in shell > the entry for custom domain is there > user=_app seinfo=custom domain=custom_app type=app_data_file > Can any one please help me where i am missing * Regards Harish k*
Which version/branch are you using? android-4.4.4_r1 or master from AOSP, or seandroid-4.4.4 or seandroid from our bitbucket repositories? _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
