On 05/27/2016 12:03 PM, Inamdar Sharif wrote:
> I am also getting the below denial:
>
> avc: denied { write } for pid=1 comm="init" name="/" dev="debugfs" ino=1
> scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
>
> We have following rule for file:
> # debugfs access
> allow domain debugfs:dir r_dir_perms;
> allow domain debugfs:file w_file_perms;
>
> Anything I am missing here??
The denial was on dir (directory) rather than file, and we are only
allowing read to dir above. But init shouldn't be trying to write (e.g.
create or delete a file) in debugfs AFAIK. Are you doing something
wrong in your init.board.rc file with regard to /sys/kernel/debug?
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
