Selinux Denies Starting Service on Android 8
Question
Recently I am working on Android 8 and blocked with selinux issue…
I create a “ppp” service in init.rc to start pppd as below:
service ppp /system/bin/pppd call gprs
user root
group system radio
disabled
oneshot
But it failed when starting this service with command “setprop ctl.start ppp”.
The selinux is already set to permissive mode but still shows as follows, and service is not started:
console:/ # [ 430.567622] init: Could not ctl.start for service ppp: File /system/bin/pppd(labeled "u:object_r:ppp_exec:s0") has incorrect label or no domain transition from u:r:init:s0 to another SELinux domain defined. Have you configured your service correctly? https://source.android.com/security/selinux/device-policy#label_new_services_and_address_denials
The ppp.te and file_contexts is not changed:
ppp.te:
typeattribute ppp coredomain;
domain_auto_trans(mtp, ppp_exec, ppp)
file_contexts:
/system/bin/pppd u:object_r:ppp_exec:s0
Any information to solve this problem is appreciated, thanks in advance!
1 answers
solution1
0 ACCPTED 2018-07-11 16:27:02
When you use “setprop ctl.start ppp”, the service is started from init.
Try with this policy:
domain_auto_trans(init, ppp_exec, ppp)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.