Some more followup for the /data/media issue is needed:
The fuse labeling works, i think. The files in /sdcard or /mnt/sdcard
look fine:
drwxrwxr-x root sdcard_rw u:object_r:sdcard_internal:s0 Alarms
But the files in /data/media/0 which is the original location of the
files does not:
drwxrwxr-x media_rw media_rw u:object_r:unlabeled:s0 Alarms
The sdcard service adresses the mounting:
# create virtual SD card at /mnt/sdcard, based on the /data/media directory
# daemon will drop to user/group system/media_rw after initializing
# underlying files in /data/media wil be created with user and group
media_rw (1023)
service sdcard /system/bin/sdcard /data/media /mnt/shell/emulated 1023 1023
class late_start
However, when working on the system, the access to the files is done via
/data/media and will fail in enforcinge mode.
Am 31.07.2013 15:47, schrieb rpcraig:
> On 07/31/2013 09:25 AM, Janosch Maier wrote:
>> I have defined several rules in the file_context file for the Samsung
>> n8000. The following rules do not show any effect:
>>
>> /data/media(/.*)? u:object_r:sdcard_internal:s0
>>
>> /sys/devices/platform/bcm4334_bluetooth/rfkill/rfkill0/state
>> u:object_r:sysfs_writable:s0
>> /sys/devices/platform/samsung-pd.2/mdnie/mdnie/mdnie/scenario
>> u:object_r:sysfs_writable:s0
>>
>> The standard rule labeling the files in /efs does not work either.
>>
>> Any ideas, what that could be?
>>
>> Regards
>> Janosch
>>
>> --
>> This message was distributed to subscribers of the seandroid-list
>> mailing list.
>> If you no longer wish to subscribe, send mail to
>> [email protected] with
>> the words "unsubscribe seandroid-list" without quotes as the message.
>
> You most likely need to perform a restorecon on those paths once they
> are created in some fashion. This can be achieved a number of different
> ways depending on how the directories are created. For the sysfs ones,
> I would just add an explicit restorecon call in your devices init.<board
> name>.rc file. Consult device/asus/grouper/init.grouper.rc as a
> reference as I believe we already have something similar for the rfkill
> stuff. Now, is your /efs mounted from within your fstab file? If so
> you'll most likely need an explicit 'content=' option applied to the
> mount options if its vfat, which it most likely is. Consult
> device/lge/mako/fstab.mako as a reference.
>
> We already have a genfscon entry to address the fuse mounted sdcard.
> Typically, the device specific init.rc file will have some service
> stanza to address the mounting of this; i would assume your device is
> similar. Look under exteral/sepolicy/genfs_contexts for our entry
> 'genfscon fuse / u:object_r:sdcard_internal:s0' on how we label this.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
