Hi,
I've been happy using android-x86 nougat on my system. Thanks to everyone who made that work.
I'm now trying to make one small change which is that I want to run a custom init script (a shell script) at bootup. It seemed like a simple idea which I've done before on kitkat without problems. I modified init.rc and added a service to start my script like this:
service mystart /system/bin/mystart
class main
critical
user root
group root system shell log radio cache inet misc audio graphics drmrpc vpn inet
oneshot
But what happens is on bootup, I see:
04-17 13:16:14.823 1210 1210 I init : type=1400 audit(0.0:6): avc: denied { execute_no_trans } for path="/system/bin/mystart" dev="loop1" ino=280 scontext=u:r:init:s0 tcontext=u:object_r:system_file:s0 tclass=file permissive=1
That error is a selinux permission error (the log is actually after I did step a below).
a) disabling selinux
I added:
write /sys/fs/selinux/enforce 0
and checked that this causes the system to be in permissive mode but at bootup, the same error still occurs.
In fact, you can see in the avc message permissive=1 which shows that this step worked (it was permissive=0 before) but still it is denied even though permissive=1.
b) adding a custom selinux policy I added: build/target/board/generic/sepolicy/mystart.te type mystart, domain; type mystart_exec, exec_type, file_type;
init_daemon_domain(mystart)
But this still doesn't allow the service to proceed. However, this step I am suspicious whether there's any additional things I need to do to make this .te file be used. I only did make sepolicy before m -j1 iso_img.
c) tried to run it as a post action
on property:dev.bootcomplete=1 exec u:r:shell:s0 shell shell input log adb sdcard_rw sdcard_r net_bt_admin net_bt inet net_bw_stats -- /system/bin/sh /system/bin/mystart
This still hits the same avc issue.
I'm kind of stuck so I'm looking for any ideas. Has anyone gotten this type of thing to work with nougat?
Any help would be greatly appreciated.
Thanks!