On 01/13/2016 10:08 AM, Federico Colangelo wrote:
I have the following files in /data/security/current
file_contexts
genfs_contexts
initial_sid_contexts
mac_permission.xml
port_contexts
property_contexts
seapp_contexts
selinux_version
sepolicy
service_contexts
You only need a copy of the files used at runtime on the device, not
policy source files. In 5.x, that would be:
file_contexts
mac_permissions.xml
property_contexts
seapp_contexts
selinux_version
sepolicy
service_contexts
The commands I showed for copying the policy files from / and
/system/etc/security would provide a complete copy of the original boot
policy files as a trivial test of the /data/security/current mechanism
without actually changing anything about the policy content.
The contents of selinux_version must match the contents of
/selinux_version or it will not use your /data/security/current policy
at all. This is to prevent loading a stale policy from
/data/security/current after an OTA upgrade.
i'm using an adb shell started with
./adb root
./adb shell
Triggering reload by typing in the adb shell
setprop selinux.reload_policy 1
after that i use
dmesg | grep 'SELinux'
but nothing is displayed.
Precedently, i saw the permission denied message when the adb deamon was
not running as root
You could alternatively run su after running adb shell; either way is fine.
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
