I am getting this message and having a fun time tracking it down. My best guess
is that a user mode helper is executing this.
<38>[ 29.983923] type=1400 audit(946684830.959:3): avc: denied { sys_module }
for pid=236 comm="modprobe" capability=16 scontext=u:r:kernel:s0
tcontext=u:r:kernel:s0 tclass=capability permissive=1
# cat /proc/sys/kernel/modprobe
/sbin/modprobe
# ls -laZ /proc//sys/kernel/modprobe
-rw-r--r-- root root u:object_r:usermodehelper:s0 modprobe
Should I just label this and set up a domain transition? Our kernel does
contain the rootfs patch https://android-review.googlesource.com/#/c/58360/.
Is this barking down the right path, or should I just give kernel domain this
capability?
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
