Your should build your app as priv-app(put it in /system/priv-app, and not sign it with platform key). priv-app is allowed to call UpdateEngineService.
在 2019年6月20日星期四 UTC+8下午10:06:47,Arabi写道: > > *Background:* I have customized an AOSP distribution and created a custom > OTA updater service to integrate with it. But whenever I call the updater > service, the following error message is generated: > > E/SELinux: avc: denied { find } for service=android.os.UpdateEngineService > pid=22801 uid=10024 scontext=u:r:platform_app:s0:c512,c768 > tcontext=u:object_r:update_engine_service:s0 tclass=service_manager > permissive=0 > > *Diagnosis:* Based on the error message, our app is being built as a > platform_app. As a result, we are not being allowed to access the path > '/data/' on the system. > > *Possible solution:* There might be two approaches towards the solution: > > 1. Build the app as a system_app > > OR, > > 1. Build the app as a plaform_app and change SELinux config so that > the app is granted necessary access to '/data/' on the system. > > *Main question:* Am I heading towards the right direction with the > understanding and possible solutions stated here? If not, what am I missing > and what should be done in order to fix this issue? > -- -- unsubscribe: android-porting+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-porting --- You received this message because you are subscribed to the Google Groups "android-porting" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-porting+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/android-porting/0b17b3a9-95a8-44de-b5cc-d3b9cf45a616%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.