On 07/28/2016 07:19 PM, Stephen Smalley wrote:
> On 07/28/2016 12:11 PM, peter enderborg wrote:
>> What is the point with that?
>
> Can you explain a bit further what specific problem you are
> encountering, and with which branch/release of AOSP?

Hi Stephen.
I read from your response that it is not a wanted behaviour.
The release is
build/core/build_id.mk:export BUILD_ID=NRD90M

I got:
libsepol.report_failure: neverallow on line 162 of system/sepolicy/domain.te (or line 8850 of policy.conf) violated by allow ppsys ppsys:capability { sys_ptrace };

Line 8850 is:

# Limit ability to ptrace or read sensitive /proc/pid files of processes
# with other UIDs to these whitelisted domains.
neverallow {
  domain
  -debuggerd
  -vold
  -dumpstate
  -system_server
  -perfprofd
} self:capability sys_ptrace;

and my te is:

type ppsys_exec, exec_type, file_type;

userdebug_or_eng(`
  type ppsys, domain, mlstrustedsubject;
  init_daemon_domain(ppsys)
  allow ppsys self:capability sys_ptrace;
')

After removal of the line 'allow ppsys self:capability sys_ptrace', the make
completes with a runnable image.
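
Why the build rejects this rule, as an added example that is not part of the original message and is not libsepol's code: a simplified Python model of the neverallow check, run over the two rules quoted above. The ATTRS table (which types carry the domain attribute) and all function names are assumptions made for the illustration.

```python
import re

# Constructed inputs: the two rules quoted in the message above.
NEVERALLOW = """neverallow {
  domain
  -debuggerd
  -vold
  -dumpstate
  -system_server
  -perfprofd
} self:capability sys_ptrace;"""
ALLOW = "allow ppsys self:capability sys_ptrace;"
# Assumed attribute membership; ppsys is in it because of
# 'type ppsys, domain, mlstrustedsubject;'.
ATTRS = {"domain": {"ppsys", "debuggerd", "vold", "dumpstate",
                    "system_server", "perfprofd"}}

RULE = re.compile(
    r"(allow|neverallow)\s+(\{[^}]*\}|\S+)\s+(\S+):(\S+)\s+(\{[^}]*\}|\S+);")

def parse(rule):
    """Split one rule into (source names, target, class, permission set)."""
    _, src, tgt, cls, perms = RULE.search(rule).groups()
    return src.strip("{} \n").split(), tgt, cls, set(perms.strip("{} ").split())

def expand(names, attrs):
    """Attributes become their member types; a '-x' entry removes x."""
    out = set()
    for n in names:
        if not n.startswith("-"):
            out |= attrs.get(n, {n})
    for n in names:
        if n.startswith("-"):
            out -= attrs.get(n[1:], {n[1:]})
    return out

def violations(neverallow, allow, attrs):
    """Return the expanded allow rules that fall inside the neverallow."""
    n_src, n_tgt, n_cls, n_perms = parse(neverallow)
    a_src, a_tgt, a_cls, a_perms = parse(allow)
    hits = []
    for src in sorted(expand(a_src, attrs) & expand(n_src, attrs)):
        # 'self' resolves to the source type, hence 'ppsys ppsys' in the report.
        a_target = src if a_tgt == "self" else a_tgt
        n_target = src if n_tgt == "self" else n_tgt
        common = a_perms & n_perms
        if a_target == n_target and a_cls == n_cls and common:
            hits.append(f"allow {src} {a_target}:{a_cls} {{ {' '.join(sorted(common))} }};")
    return hits
```

The model does not expand the userdebug_or_eng macro; it only shows that a type carrying the domain attribute and missing from the exemption list matches the neverallow once self is resolved.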

