Hi,
My native process, written in C++ and started through init.rc, and a
platform app service running in Android both communicate using a unix
socket.
I have kept that socket in a directory /data/cp/ which has been defined in
file_contexts as cp_data_file.
The socket path is /data/cp/my_sock.
Now I want to give the platform app service running in Dalvik access to
this socket to write to.
I did that using the following line in platform_app.te:
allow platform_app cp_data_file:sock_file write;
Still, the following denials are being thrown by SELinux:
type=1400 audit(1464606790.906:181): avc: denied { write } for pid=1599
comm="Thread-274" name="my_sock" dev="mtdblock1" ino=42267
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:cp_data_file:s0
tclass=sock_file permissive=0
Please help me understand why this rule is not working in platform_app.te.
Everything works well with compilation, but there seems to be an issue with
allowing the platform_app to access this file.
Regards,
Sameer Joshi
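
An added example, not part of the original post: a small Python check that parses the denial and the allow rule quoted above, tests whether the rule covers the denied type/class/permission, and compares the MLS level of scontext and tcontext. Function names are hypothetical; the AVC line and rule are copied from the post.

```python
import re

# AVC record and allow rule copied from the post above.
AVC = ('type=1400 audit(1464606790.906:181): avc: denied { write } for pid=1599 '
       'comm="Thread-274" name="my_sock" dev="mtdblock1" ino=42267 '
       'scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:cp_data_file:s0 '
       'tclass=sock_file permissive=0')
RULE = 'allow platform_app cp_data_file:sock_file write;'

def parse_context(ctx):
    """Split user:role:type:level; the level may itself contain ':' and ','."""
    _user, _role, typ, level = ctx.split(':', 3)
    sens, _, cats = level.partition(':')
    return {'type': typ, 'sensitivity': sens,
            'categories': set(cats.split(',')) if cats else set()}

def parse_avc(line):
    """Extract denied permissions, class and both contexts from an AVC line."""
    perms = re.search(r'denied\s+\{([^}]*)\}', line).group(1).split()
    kv = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', line))
    return {'perms': perms, 'tclass': kv['tclass'],
            'source': parse_context(kv['scontext']),
            'target': parse_context(kv['tcontext'])}

def parse_allow(rule):
    """Parse 'allow src tgt:class perm;' or 'allow src tgt:class { p1 p2 };'."""
    m = re.match(r'allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;?', rule)
    src, tgt, cls, many, one = m.groups()
    return src, tgt, cls, set((many or one).split())

def diagnose(avc_line, rule):
    avc = parse_avc(avc_line)
    src, tgt, cls, perms = parse_allow(rule)
    s, t = avc['source'], avc['target']
    # Type enforcement: does the rule name this source, target, class and perm?
    te_covered = (src == s['type'] and tgt == t['type']
                  and cls == avc['tclass'] and set(avc['perms']) <= perms)
    # MLS: allow rules do not touch level constraints, so compare levels separately.
    levels_equal = (s['sensitivity'] == t['sensitivity']
                    and s['categories'] == t['categories'])
    return {'te_rule_covers_denial': te_covered, 'levels_equal': levels_equal,
            'source_categories': sorted(s['categories']),
            'target_categories': sorted(t['categories'])}

if __name__ == '__main__':
    print(diagnose(AVC, RULE))
```

Type-enforcement allow rules do not affect MLS constraints, so when the rule covers the denial but the two contexts carry different levels, the level mismatch is the next thing to examine in the policy.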