我想在Android上的/mnt/vendor/persist/下保存一些数据,但是当我添加selinux权限时,Android的neverallow规则阻止了它(域是radio)。
那么如何设置selinux将数据保存在/mnt/vendor/persist/下并通过CTS呢?
我尝试添加 selinux,如下所示:
allow radio mnt_vendor_file:dir {search getattr read write add_name remove_name};
allow radio mnt_vendor_file:file {getattr read write create open unlink};
但出现以下错误:
libsepol.report_failure: neverallow on line 96 of device/qcom/sepolicy/qva/vendor/monaco/system_server.te (or line 101816 of policy.conf) violated by allow radio mnt_vendor_file:file { read write create getattr unlink open };
libsepol.report_failure: neverallow on line 96 of device/qcom/sepolicy/qva/vendor/monaco/system_server.te (or line 101816 of policy.conf) violated by allow radio mnt_vendor_file:dir { read write getattr add_name remove_name search };
libsepol.report_failure: neverallow on line 1378 of system/sepolicy/public/domain.te (or line 14256 of policy.conf) violated by allow radio mnt_vendor_file:dir { read write getattr add_name remove_name search };
libsepol.check_assertions: 3 neverallow failures occurred
Error while expanding policy
您的问题是您的 scontext
radiomnt_vendor_fileradioradioradio