On 03/28/2013 09:37 AM, Thomas COUDRAY wrote:
Hello,
I have SEAndroid with kernel-goldfish 2.6.29. Everything is well
labeled (even /system who uses yaffs2).
But files labels in /data and /cache according to /file_contexts are
missing: all files are u:object_r:unlabeled:s0 labels.
I was expecting to see all the categories of each apps in /data/data.
I have been trying to understand the control flow of ls -Z (who calls
getfilecon()/lgetxattr(2)), because maybe ls -Z hides on yaffs2 fs.
But all looks legit to me.
Here are some (maybe suspicious) logs:
init: cannot open '/initlogo.rle'
[...]
ext=u:object_r:cpuctl_device:s0 tcontext=u:object_r:cgroup:s0 tclass=filesystem
yaffs: dev is 32505856 name is "mtdblock0" rw
yaffs: passed flags ""
yaffs: dev is 32505857 name is "mtdblock1" rw
yaffs: passed flags ""
yaffs: dev is 32505858 name is "mtdblock2" rw
yaffs: passed flags ""
[...]
init: cannot find '/system/etc/install-recovery.sh', disabling 'flash_recovery'
[...]
shell@android:/ $ warning: `rild' uses 32-bit capabilities (legacy support in
use)
request_suspend_state: wakeup (3->0) at 31745273496 (2013-03-28
14:16:54.666878031 UTC)
init: sys_prop: permission denied uid:1003 name:service.bootanim.exit
Sounds like you still aren't using our kernel/goldfish project.
Did you follow the instructions on our wiki to download SE Android,
using our local_manifest.xml file? If so, which branch did you download?
Also, not sure when you did the download but we switched from
seandroid-goldfish-2.6.29 to seandroid-goldfish-3.4 a while back. But
either one should work. But you need our kernel/goldfish project with
one of our seandroid- branches if you want the full support for file
security labeling.
You didn't show any useful information from dmesg. Look for ones that
start with SELinux: or avc:.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
