Do named/hinted type transitions, like what was done for the GPS jni_pipe
take regex or glob chars?
--
Respectfully,
William C Roberts
Ok thanks... I forgot how much the Kernel community abhors that type of
stuff.
On Tue, Nov 12, 2013 at 7:15 AM, Stephen Smalley
stephen.smal...@gmail.comwrote:
No, not at present. Exact match only.
On Tue, Nov 12, 2013 at 9:25 AM, William Roberts
bill.c.robe...@gmail.com wrote:
Do
Hi All,
The current SEAndroid cannot support persistent seboolean WHICH means that
after reboot all sebooleans will be set to be default value. It will be
quite inconvenient if some testing require the booleans NOT be reset after
reboot. For example, the CTS test may require the phone to reboot
I re-implemented your oneshot service you wrote in C as a shell script. I
am releasing this as public domain. It is attached. I verified that this
works on my system. Way simpler.
On Tue, Nov 12, 2013 at 12:26 PM, Haiqing Jiang hqjiang1...@gmail.comwrote:
Hi All,
The current SEAndroid cannot
On 11/10/2013 07:47 PM, Jaejyn Shin wrote:
Thank you for your advice.
Yes. I patched auditd to my kernel referring
http://selinuxproject.org/page/NB_SEforAndroid_1#auditd_Daemon
I am finding writing logs to both sides (/data/misc/audit and kernel log)
but it is not easy to find the way.
On 11/12/2013 03:26 PM, Haiqing Jiang wrote:
Hi All,
The current SEAndroid cannot support persistent seboolean WHICH means that
after reboot all sebooleans will be set to be default value. It will be
quite inconvenient if some testing require the booleans NOT be reset after
reboot. For
You can run sesearch on the policy.conf file or on the binary sepolicy
file, both of which can be found under the out/target/product/board
directory (although policy.conf is only available as an intermediate file).
However, I had suggested running it on the binary sepolicy pulled from
the device
Thank for your direction.
I found the commit of Bill Roberts (
https://bitbucket.org/billcroberts/system-core/commits/2d9108dde0fa81592d51968ee7002fb32e14f6cd
)
The reason why I want to do it is, I want to show the violation logs to
application developer who do not want to see the kernel logs but