On 03/09/2018 02:55 AM, kiran mardi wrote:
> >>>>>>>>sh-3.2# toybox restorecon -nv /data/misc/dhcp
>
> [ 158.754324] type=1400 audit(946742542.500:16): avc: denied { search } for
> pid=983 comm="toybox" name="security" dev="mmcblk0p7" ino=186945
> scontext=u:r:shell:s0 tcontext=u:object_r:security_file:s0 tclass=dir
> permissive=1
>
> SELinux: Loaded file_contexts contexts from /file_contexts.bin.[ 158.776446]
> type=1400 audit(946742542.520:17): avc: denied { getattr } for pid=983
> comm="toybox" path="/data/misc/dhcp" dev="mmcblk0p7" ino=406419
> scontext=u:r:shell:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir permissive=1
>
>
>
> SELinux: Relabeling /data/misc/dhcp from u:object_r:unlabeled:s0 to
> u:object_r:dhcp_data_file:s0.
Ok, so you have a valid context for /data/misc/dhcp in your file_contexts,
which should have been used if the restorecon_recursive /data executed.
Did your file_contexts configuration change between the old and new versions?
restorecon_recursive /data will skip the tree walk if file_contexts has not
changed since the last time it was run; this is based on a separate
security.restorecon_last xattr set on the /data directory with the SHA1 hash of
the /file_contexts.bin file.
Also, what was the context on /data/misc/dhcp in the prior version from which
you are upgrading? Was it the same or different? If different, what was it?
