It fails because MAC policy (and probably DAC perms as well) doesn't allow anything to change/set/create seboolean values.
In my own opinion (and no way is this endorsed by Google) Android is a brand, and Android is fragmented enough. Having a runtime change in the policy could result in a device that is no longer Android compliant, and potentially yields greater ecosystem fragmentation. I recently posted CTS patches that verify that NO selinux booleans are present, and they have been merged. Bill On Fri, Mar 28, 2014 at 11:42 AM, Soteris Demetriou <[email protected]> wrote: > Hi, > > I was wondering why AOSP moderators don't want the boolean functionality. > Any insight on that would be much appreciated. > > Also does anyone know what do I need to do to re-enable booleans on AOSP > branch 4.4? > > I created the bools file defining my booleans, in external/sepolicy, and > added the bools in Android.mk. However when I call SELinux.setBooleanValue() > this fails. I don't get any messages on dmesg or logcat regarding that. > > Best, > Soteris > -- > Thank you and kind regards > > Soteris Demetriou > Dipl. El. & Comp. Eng. > Email: [email protected] > Website: soterisdemetriou.com > Page in CNTI: Soteris Demetriou > Page in FWC's wiki: Soteris Demetriou > seclab.cs.illinois.edu , sharps.org -- Respectfully, William C Roberts
