[英]Build AOSP custom rom
我正在嘗試建立強制執行,但我有 7 次違規。 我該如何解決?
libsepol.report_failure: neverallow on line 5 of device/motorola/sanders/sepolicy/vendor/ims.te (or line 75926 of
policy.conf) violated by allow hal_camera_default hal_camera_hwservice:hwservice_manager { add };
libsepol.report_failure: neverallow on line 3 of device/motorola/sanders/sepolicy/vendor/hal_nfc_default.te (or l
ine 75741 of policy.conf) violated by allow hal_secure_element_default hal_secure_element_hwservice:hwservice_man
ager { add };
libsepol.report_failure: neverallow on line 3 of device/motorola/sanders/sepolicy/vendor/hal_nfc_default.te (or l
ine 75741 of policy.conf) violated by allow rild hal_secure_element_hwservice:hwservice_manager { add };
libsepol.report_failure: neverallow on line 5 of system/sepolicy/public/hal_secure_element.te (or line 15685 of p
olicy.conf) violated by allow hal_nfc_default hal_secure_element_hwservice:hwservice_manager { add };
libsepol.report_failure: neverallow on line 5 of system/sepolicy/public/hal_camera.te (or line 14186 of policy.co
nf) violated by allow init hal_camera_hwservice:hwservice_manager { add };
libsepol.report_failure: neverallow on line 521 of system/sepolicy/public/domain.te (or line 10809 of policy.conf
) violated by allow hal_fingerprint_default default_android_hwservice:hwservice_manager { add };
libsepol.report_failure: neverallow on line 519 of system/sepolicy/public/domain.te (or line 10807 of policy.conf
) violated by allow qseeproxy default_android_service:service_manager { add };
libsepol.check_assertions: 7 neverallow failures occurred
您正在處理neverallow
違規:您有一條規則說“永遠不允許類型x
對某些其他類型/類y:c
執行action
”,然后另一條規則說“允許x
的此子類型對 y 執行action
y:c
"。 SE Linux 編譯器將拒絕這些相互矛盾的規則。 這可以通過修改neverallow
規則來解決您想要允許的特定子類型的例外情況。
更准確地說,如果您有以下形式的規則:
neverallow xy:c action;
type z, x;
(意思是z
是x
的一個特例)allow zy:c action;
修改第一條規則為neverallow {x -z} y:class action;
為子類型z
做一個例外。
例子:
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.