Skip to first unread message
Jaya Kumar
Apr 19, 2019, 7:14:17 AM4/19/19
to Android-x86
Hi,
I've been happy using android-x86 nougat on my system. Thanks to everyone who made that work.
I'm now trying to make one small change which is that I want to run a custom init script (a shell script) at bootup. It seemed like a simple idea which I've done before on kitkat without problems. I modified init.rc and added a service to start my script like this:
service mystart /system/bin/mystart
class main
critical
user root
group root system shell log radio cache inet misc audio graphics drmrpc vpn inet
oneshot
But what happens is on bootup, I see:
04-17 13:16:14.823 1210 1210 I init : type=1400 audit(0.0:6): avc: denied { execute_no_trans } for path="/system/bin/mystart" dev="loop1" ino=280 scontext=u:r:init:s0 tcontext=u:object_r:system_file:s0 tclass=file permissive=1
That error is a selinux permission error (the log is actually after I did step a below).
a) disabling selinux
I added:
write /sys/fs/selinux/enforce 0
and checked that this causes the system to be in permissive mode but at bootup, the same error still occurs.
In fact, you can see in the avc message permissive=1 which shows that this step worked (it was permissive=0 before) but still it is denied even though permissive=1.
b) adding a custom selinux policy I added: build/target/board/generic/sepolicy/mystart.te type mystart, domain; type mystart_exec, exec_type, file_type;
init_daemon_domain(mystart)
But this still doesn't allow the service to proceed. However, this step I am suspicious whether there's any additional things I need to do to make this .te file be used. I only did make sepolicy before m -j1 iso_img.
c) tried to run it as a post action
on property:dev.bootcomplete=1 exec u:r:shell:s0 shell shell input log adb sdcard_rw sdcard_r net_bt_admin net_bt inet net_bw_stats -- /system/bin/sh /system/bin/mystart
This still hits the same avc issue.
I'm kind of stuck so I'm looking for any ideas. Has anyone gotten this type of thing to work with nougat?
Any help would be greatly appreciated.
Thanks!
Chih-Wei Huang
Apr 19, 2019, 10:49:56 PM4/19/19
to Android-x86
The selinux messages are irrelevant.
They are just warnings (permissive=1).
The simplest way to do so is just add your
script to /etc/init.sh.
Jaya Kumar <k.jay...@gmail.com> 於 2019年4月19日 週五 下午7:14寫道:
> --
> You received this message because you are subscribed to the Google Groups "Android-x86" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to android-x86...@googlegroups.com.
> To post to this group, send email to andro...@googlegroups.com.
> Visit this group at https://groups.google.com/group/android-x86.
> For more options, visit https://groups.google.com/d/optout.
--
Chih-Wei
Android-x86 project
http://www.android-x86.org
They are just warnings (permissive=1).
The simplest way to do so is just add your
script to /etc/init.sh.
Jaya Kumar <k.jay...@gmail.com> 於 2019年4月19日 週五 下午7:14寫道:
> You received this message because you are subscribed to the Google Groups "Android-x86" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to android-x86...@googlegroups.com.
> To post to this group, send email to andro...@googlegroups.com.
> Visit this group at https://groups.google.com/group/android-x86.
> For more options, visit https://groups.google.com/d/optout.
--
Chih-Wei
Android-x86 project
http://www.android-x86.org
Reply all
Reply to author
Forward
0 new messages