flock(2) and SELinux permission issues
174 views
Skip to first unread message
Christoffer Ahlbin
Mar 21, 2016, 4:18:09 PM3/21/16
to android-ndk
I'm attempting to use flock(2) on a directory.
The code running is equivalent of:
const char* path = "/data/data/com.mypackage/files/somefilename";
mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP;
int fd = mkdir(path, mode);
fapi_.opendir(path);
int status = flock(fd, LOCK_EX | LOCK_NB);
=> status = 13
error shown in logcat:
03-21 20:12:22.530 1525 1525 W Thread-1027: type=1400 audit(0.0:536): avc: denied { lock } for path="/data/data/com.mypackage/files/somefilename" dev="mmcblk0p28" ino=114736 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
So it seems like SELinux is prevent the flock?
Built Android API Level 9, running on an Nexus 5, Android 6.0.
Thanks
Message has been deleted
Christoffer Ahlbin
Mar 23, 2016, 10:15:50 AM3/23/16
to android-ndk
Ok, thanks!
On Tuesday, March 22, 2016 at 6:18:31 PM UTC+1, Nick Kralevich wrote:
On Tuesday, March 22, 2016 at 6:18:31 PM UTC+1, Nick Kralevich wrote:
Hi Christoffer,This is a bug in Android's SELinux policy. A fix has been committed (https://googleplex-android-review.git.corp.google.com/891215) to the Android open source project and will be available in a future Android release.-- Nick
Reply all
Reply to author
Forward
0 new messages