On 05/27/2016 01:14 PM, Stephen Smalley wrote:
> On 05/27/2016 12:03 PM, Inamdar Sharif wrote:
>> I am also getting the below denial:
>>
>> avc: denied { write } for pid=1 comm="init" name="/" dev="debugfs" ino=1
>> scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
>>
>> We have following rule for file:
>> # debugfs access
>> allow domain debugfs:dir r_dir_perms;
>> allow domain debugfs:file w_file_perms;
>>
>> Anything I am missing here??
>
> The denial was on dir (directory) rather than file, and we are only
> allowing read to dir above. But init shouldn't be trying to write (e.g.
> create or delete a file) in debugfs AFAIK. Are you doing something
> wrong in your init.board.rc file with regard to /sys/kernel/debug?
Are you mounting tracefs in your init.<board>.rc file?
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
