selinux

Where are all the shared libraries stored on android?

耗尽温柔 提交于 2019-12-13 13:02:22
问题 Where are all the shared libraries (.so) stored on Android? I was able to find the /system/lib directory but I'm sure there are more. Not being able to use the find command doesn't help either. 回答1: In the many AOSP and vendor images I have analyzed, I've observed a regular pattern of locations for shared libraries, as follows (some of these are only in newer versions): system/app/<name>/lib/<arch> system/priv-app/<name>/lib/<arch> system/lib system/lib64 system/vendor/lib system/vendor/lib64

Is it possible to connect SELinux policy with Android permissions?

纵饮孤独 提交于 2019-12-13 05:47:56
问题 I'd like to grant Android permissions (e.g. android.permission.DELETE_PACKAGES, which has protectionLevel=system|signature) to apps signed by a given signature and/or with a given package name from SELinux policies, but so far I haven't found a way that works. The mac_permissions.xml file used to accept an allow-permission tag that accepted Android permission strings, but based on the Lollipop code that parses it, that tag doesn't seem to be supported anymore. I tried using it anyway, and it

PHP ssh2_connect and SELinux

谁说我不能喝 提交于 2019-12-12 04:43:52
问题 I've got a server that I was having trouble running ssh2_connect on. I realized that if I disabled SELinux it would work. I'd prefer not to do that though. Is it possible to make ssh2_connect in php work with SELinux enabled? 回答1: Found the answer. There's an selinux boolean that needs to be enabled. Run this in shell: setsebool -P httpd_can_network_connect on 来源: https://stackoverflow.com/questions/22640846/php-ssh2-connect-and-selinux

“permission denied” error despite having all needed file system permissions

瘦欲@ 提交于 2019-12-12 03:03:46
问题 I'm on an android, using adb shell to troubleshoot an issue which my app has with the file system. I'm encountering a permissions error when using tinyalsa, so I wish to investigate the directories involved. cannot open device '/dev/snd/pcmC1D0c': Permission denied If I su and then stat each item in the path, the shell tells me the following permissions: / (755/drwxr-xr-x) /dev/ (755/drwxr-xr-x) /dev/snd/ (755/drwxr-xr-x) If I try to stat /dev/snd without su , however, I get Permission denied

Permission denied to access /var/run/docker.sock mounted in a OpenShift container

爷,独闯天下 提交于 2019-12-11 16:19:26
问题 Objective Know how to trouble shoot and what knowledge is required to trouble shoot permission issues of Docker container accessing host files. Problem Access to /var/run/docker.sock mounted inside a OpenShift container via hostPath causes permission denied. The issue does not happen if the same container is deployed to K8S 1.9.x, hence it is OpenShift specific issue. [ec2-user@ip-10-0-4-62 ~]$ ls -laZ /var/run/docker.sock srw-rw----. root docker system_u:object_r:container_var_run_t:s0 /var

知识面扩充

≡放荡痞女 提交于 2019-12-11 15:02:18
1. 自动获取IP地址的命令是什么?您知道在什么情况下,您的Linux才可以自动获取IP地址? 使用命令 dhclient可以自动获取IP地址,只有当我们的Linux所在的网络有dhcp服务器才可以自动获取ip,dhcp服务就是一个分发ip的管理器。 2. 远程连接Linux服务器,需要Linux服务器开启sshd服务,那么sshd服务默认监听哪个端口?这个端口是否可以自定义呢?如果可以,如何自定义? sshd服务默认监听22端口,这个端口是可以自定义的,需要修改/etc/ssh/sshd_config配置文件,把 "#Port 22"修改为"Port 12553" 其中12553就是新定义的sshd端口。 3. 列举出常用的远程连接linux的终端工具有哪些? putty, Secure CRT, Secure SSh, Xshell 等 4. 手动配置IP,需要修改哪个配置文件? 更改默认的配置文件,需要更改哪些地方,需要增加哪几行? 需要修改配置文件 /etc/sysconfig/network-scripts/ifcfg-eth0 需要修改的有: 更改:BOOTPROTO=static 增加:IPADDR=192.168.0.11 增加:NETMASK=255.255.255.0 增加:GATEWAY=192.168.0.1 增加:DNS1=192.168.0.1 5.

How to inject SELinux policies permanently in android?

一曲冷凌霜 提交于 2019-12-11 14:32:08
问题 I have a rooted android device and I need to inject following policies into it: sepolicy-inject -s init -t su -c process -p transition -l sepolicy-inject -s su -t system_file -c file -p entrypoint -l sepolicy-inject -s init -t su -c process -p rlimitinh -l sepolicy-inject -s init -t su -c process -p siginh -l sepolicy-inject -s su -t shell_exec -c file -p read -l sepolicy-inject -s su -t shell_exec -c file -p execute -l sepolicy-inject -s su -t shell_exec -c file -p getattr -l sepolicy-inject

WordPress can't install themes

南笙酒味 提交于 2019-12-11 14:09:42
问题 I can't workout how to solve this problem so wordpress would let me upload themes. I have a fresh copy of Fedora 17 installed on my dev machine. I then installed mysql using: yum install mysql mysql-server . Next I installed WordPress which also installs apache and php: yum install wordpress I can go to http://localhost/wordpress and see WordPress working. But when I try tried to install my theme it asked for ftp credentials. I then updated the wp-config.php file and set the FS_METHOD

Why SELinux denies access to container internal files and claims them as “unlabled_t”?

孤街浪徒 提交于 2019-12-11 13:05:08
问题 This is related to this question: How to audit the selinux denial inside a docker container I have a container that does not work after enforcing selinux, the "ls /app" command failed with access denial: # docker exec -it XXX ls -lZ /app ls: cannot open directory /app: Permission denied the first problem is that selinux denial messages not logged for accessing inside my container,after turnoff the "dontaudit", the selinux denial info appears, but it shows the container is trying to "read" an

Build AOSP custom rom

删除回忆录丶 提交于 2019-12-11 11:01:59
问题 I'm trying to build enforcing, but I had 7 violations. How can I fix? libsepol.report_failure: neverallow on line 5 of device/motorola/sanders/sepolicy/vendor/ims.te (or line 75926 of policy.conf) violated by allow hal_camera_default hal_camera_hwservice:hwservice_manager { add }; libsepol.report_failure: neverallow on line 3 of device/motorola/sanders/sepolicy/vendor/hal_nfc_default.te (or l ine 75741 of policy.conf) violated by allow hal_secure_element_default hal_secure_element_hwservice
订阅 selinux