search

blumonks / android_device_blu_p6601

LineageOS 14.1 Device Tree for BLU R1 HD
GNU General Public License v2.0
1 stars 1 forks source link

SELinux enforcing mode #4

Open natekc opened 7 years ago

natekc commented 7 years ago

Currently, SELinux is in permissive mode. We need to sort out the mess of selinux policies in the current tree.

SELinux enforcing mode one of the requirements for google CTS.

natekc commented 7 years ago 
[ 2138.632943]  (0)[267:logd.auditd]type=1400 audit(1496528391.921:201): avc: denied { getattr } for pid=9419 comm="mount" path="/protect_f" dev="mmcblk0p3" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:protect_f_data_file:s0 tclass=dir permissive=1
[ 2138.638139]  (0)[267:logd.auditd]type=1400 audit(1496528391.921:202): avc: denied { getattr } for pid=9419 comm="mount" path="/protect_s" dev="mmcblk0p4" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:protect_s_data_file:s0 tclass=dir permissive=1
[ 2138.638544]  (0)[267:logd.auditd]type=1400 audit(1496528391.931:203): avc: denied { getattr } for pid=9419 comm="mount" path="/nvdata" dev="mmcblk0p18" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:nvdata_file:s0 tclass=dir permissive=1
[ 2144.312110]  (1)[267:logd.auditd]type=1400 audit(1496528397.601:204): avc: denied { getattr } for pid=9427 comm="ls" path="/ueventd.rc" dev="rootfs" ino=1053 scontext=u:r:shell:s0 tcontext=u:object_r:rootfs:s0 tclass=file permissive=1
[ 2144.312569]  (1)[267:logd.auditd]type=1400 audit(1496528397.601:205): avc: denied { getattr } for pid=9427 comm="ls" path="/init" dev="rootfs" ino=6921 scontext=u:r:shell:s0 tcontext=u:object_r:init_exec:s0 tclass=file permissive=1
[ 2146.907977]  (2)[267:logd.auditd]type=1400 audit(1496528400.201:206): avc: denied { getattr } for pid=9428 comm="ls" path="/proc/sysrq-trigger" dev="proc" ino=4026533644 scontext=u:r:shell:s0 tcontext=u:object_r:proc_sysrq:s0 tclass=file permissive=1
[ 2146.908389]  (2)[267:logd.auditd]type=1400 audit(1496528400.201:207): avc: denied { getattr } for pid=9428 comm="ls" path="/proc/iomem" dev="proc" ino=4026533626 scontext=u:r:shell:s0 tcontext=u:object_r:proc_iomem:s0 tclass=file permissive=1
[ 2309.369368]  (0)[267:logd.auditd]type=1400 audit(1496528562.661:208): avc: denied { getattr } for pid=9434 comm="ls" path="/nvdata" dev="mmcblk0p18" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:nvdata_file:s0 tclass=dir permissive=1
[ 2309.372051]  (0)[267:logd.auditd]type=1400 audit(1496528562.661:209): avc: denied { getattr } for pid=9434 comm="ls" path="/protect_s" dev="mmcblk0p4" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:protect_s_data_file:s0 tclass=dir permissive=1
[ 2309.372201]  (0)[267:logd.auditd]type=1400 audit(1496528562.661:210): avc: denied { getattr } for pid=9434 comm="ls" path="/protect_f" dev="mmcblk0p3" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:protect_f_data_file:s0 tclass=dir permissive=1
[ 2342.447218]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:211): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/6620_launcher" dev="mmcblk0p20" ino=121 scontext=u:r:shell:s0 tcontext=u:object_r:conn_launcher_exec:s0 tclass=file permissive=1
[ 2342.451136]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:212): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/audioserver" dev="mmcblk0p20" ino=141 scontext=u:r:shell:s0 tcontext=u:object_r:audioserver_exec:s0 tclass=file permissive=1
[ 2342.451294]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:213): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/blkid" dev="mmcblk0p20" ino=146 scontext=u:r:shell:s0 tcontext=u:object_r:blkid_exec:s0 tclass=file permissive=1
[ 2342.451414]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:214): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/bootanimation" dev="mmcblk0p20" ino=150 scontext=u:r:shell:s0 tcontext=u:object_r:bootanim_exec:s0 tclass=file permissive=1
[ 2342.451534]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:215): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/bootstat" dev="mmcblk0p20" ino=151 scontext=u:r:shell:s0 tcontext=u:object_r:bootstat_exec:s0 tclass=file permissive=1
[ 2342.451651]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:216): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/cameraserver" dev="mmcblk0p20" ino=158 scontext=u:r:shell:s0 tcontext=u:object_r:cameraserver_exec:s0 tclass=file permissive=1
[ 2342.451769]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:217): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/ccci_fsd" dev="mmcblk0p20" ino=160 scontext=u:r:shell:s0 tcontext=u:object_r:ccci_fsd_exec:s0 tclass=file permissive=1
[ 2342.451885]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:218): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/ccci_mdinit" dev="mmcblk0p20" ino=161 scontext=u:r:shell:s0 tcontext=u:object_r:ccci_mdinit_exec:s0 tclass=file permissive=1
[ 2342.452002]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:219): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/clatd" dev="mmcblk0p20" ino=170 scontext=u:r:shell:s0 tcontext=u:object_r:clatd_exec:s0 tclass=file permissive=1
[ 2342.452119]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:220): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/debuggerd" dev="mmcblk0p20" ino=184 scontext=u:r:shell:s0 tcontext=u:object_r:debuggerd_exec:s0 tclass=file permissive=1
[ 2342.452237]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:221): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/dnsmasq" dev="mmcblk0p20" ino=192 scontext=u:r:shell:s0 tcontext=u:object_r:dnsmasq_exec:s0 tclass=file permissive=1
[ 2342.452363]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:222): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/drmserver" dev="mmcblk0p20" ino=195 scontext=u:r:shell:s0 tcontext=u:object_r:drmserver_exec:s0 tclass=file permissive=1
[ 2342.452479]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:223): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/dumpstate" dev="mmcblk0p20" ino=197 scontext=u:r:shell:s0 tcontext=u:object_r:dumpstate_exec:s0 tclass=file permissive=1
[ 2342.480430]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:224): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/e2fsck" dev="mmcblk0p20" ino=199 scontext=u:r:shell:s0 tcontext=u:object_r:fsck_exec:s0 tclass=file permissive=1
[ 2342.480636]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:225): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/gatekeeperd" dev="mmcblk0p20" ino=224 scontext=u:r:shell:s0 tcontext=u:object_r:gatekeeperd_exec:s0 tclass=file permissive=1
[ 2342.480877]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:226): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/gsm0710muxd" dev="mmcblk0p20" ino=234 scontext=u:r:shell:s0 tcontext=u:object_r:gsm0710muxd_exec:s0 tclass=file permissive=1
[ 2342.481001]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:227): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/hostapd" dev="mmcblk0p20" ino=242 scontext=u:r:shell:s0 tcontext=u:object_r:hostapd_exec:s0 tclass=file permissive=1
[ 2342.481127]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:228): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/idmap" dev="mmcblk0p20" ino=247 scontext=u:r:shell:s0 tcontext=u:object_r:idmap_exec:s0 tclass=file permissive=1
[ 2342.481326]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:229): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/install-recovery.sh" dev="mmcblk0p20" ino=255 scontext=u:r:shell:s0 tcontext=u:object_r:install_recovery_exec:s0 tclass=file permissive=1
[ 2342.481513]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:230): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/installd" dev="mmcblk0p20" ino=256 scontext=u:r:shell:s0 tcontext=u:object_r:installd_exec:s0 tclass=file permissive=1
[ 2342.481633]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:231): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/keystore" dev="mmcblk0p20" ino=269 scontext=u:r:shell:s0 tcontext=u:object_r:keystore_exec:s0 tclass=file permissive=1
[ 2342.481754]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:232): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/lmkd" dev="mmcblk0p20" ino=279 scontext=u:r:shell:s0 tcontext=u:object_r:lmkd_exec:s0 tclass=file permissive=1
[ 2342.481873]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:233): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/logd" dev="mmcblk0p20" ino=284 scontext=u:r:shell:s0 tcontext=u:object_r:logd_exec:s0 tclass=file permissive=1
[ 2342.481989]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:234): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/md_ctrl" dev="mmcblk0p20" ino=303 scontext=u:r:shell:s0 tcontext=u:object_r:md_ctrl_exec:s0 tclass=file permissive=1
[ 2342.482108]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:235): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mdnsd" dev="mmcblk0p20" ino=305 scontext=u:r:shell:s0 tcontext=u:object_r:mdnsd_exec:s0 tclass=file permissive=1
[ 2342.482234]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:236): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mediacodec" dev="mmcblk0p20" ino=307 scontext=u:r:shell:s0 tcontext=u:object_r:mediacodec_exec:s0 tclass=file permissive=1
[ 2342.482353]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:237): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mediadrmserver" dev="mmcblk0p20" ino=308 scontext=u:r:shell:s0 tcontext=u:object_r:mediadrmserver_exec:s0 tclass=file permissive=1
[ 2342.482471]  (0)[267:logd.auditd]type=1400 audit(1496528595.741:238): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mediaextractor" dev="mmcblk0p20" ino=309 scontext=u:r:shell:s0 tcontext=u:object_r:mediaextractor_exec:s0 tclass=file permissive=1
[ 2342.482588]  (0)[267:logd.auditd]type=1400 audit(1496528595.751:239): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mediaserver" dev="mmcblk0p20" ino=310 scontext=u:r:shell:s0 tcontext=u:object_r:mediaserver_exec:s0 tclass=file permissive=1
[ 2342.482707]  (0)[267:logd.auditd]type=1400 audit(1496528595.751:240): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/memsicd3416x" dev="mmcblk0p20" ino=313 scontext=u:r:shell:s0 tcontext=u:object_r:memsicd3416x_exec:s0 tclass=file permissive=1
[ 2342.482824]  (0)[267:logd.auditd]type=1400 audit(1496528595.751:241): avc: denied { getattr } for pid=9436 comm="ls" path="/system/bin/mkfs.exfat" dev="mmcblk0p20" ino=318 scontext=u:r:shell:s0 tcontext=u:object_r:mkfs_exec:s0 tclass=file permissive=1
[ 2346.431833]  (0)[267:logd.auditd]type=1400 audit(1496528599.721:270): avc: denied { execute } for pid=9415 comm="sh" name="cameraserver" dev="mmcblk0p20" ino=158 scontext=u:r:shell:s0 tcontext=u:object_r:cameraserver_exec:s0 tclass=file permissive=1
[ 2346.433198]  (0)[267:logd.auditd]type=1400 audit(1496528599.721:271): avc: denied { read open } for pid=9438 comm="sh" path="/system/bin/cameraserver" dev="mmcblk0p20" ino=158 scontext=u:r:shell:s0 tcontext=u:object_r:cameraserver_exec:s0 tclass=file permissive=1
[ 2346.433866]  (0)[267:logd.auditd]type=1400 audit(1496528599.721:272): avc: denied { execute_no_trans } for pid=9438 comm="sh" path="/system/bin/cameraserver" dev="mmcblk0p20" ino=158 scontext=u:r:shell:s0 tcontext=u:object_r:cameraserver_exec:s0 tclass=file permissive=1
[ 2347.073364]  (1)[267:logd.auditd]type=1400 audit(1496528600.361:273): avc: denied { write } for pid=9438 comm="cameraserver" name="trace_marker" dev="debugfs" ino=3085 scontext=u:r:shell:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=1
[ 2347.073548]  (1)[267:logd.auditd]type=1400 audit(1496528600.361:274): avc: denied { open } for pid=9438 comm="cameraserver" path="/sys/kernel/debug/tracing/trace_marker" dev="debugfs" ino=3085 scontext=u:r:shell:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=1
[ 2431.850296]  (0)[267:logd.auditd]type=1400 audit(1496528685.141:275): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/6620_launcher" dev="mmcblk0p20" ino=121 scontext=u:r:shell:s0 tcontext=u:object_r:conn_launcher_exec:s0 tclass=file permissive=1
[ 2431.868059]  (1)[267:logd.auditd]type=1400 audit(1496528685.141:276): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/bootanimation" dev="mmcblk0p20" ino=150 scontext=u:r:shell:s0 tcontext=u:object_r:bootanim_exec:s0 tclass=file permissive=1
[ 2431.868243]  (1)[267:logd.auditd]type=1400 audit(1496528685.141:277): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/ccci_fsd" dev="mmcblk0p20" ino=160 scontext=u:r:shell:s0 tcontext=u:object_r:ccci_fsd_exec:s0 tclass=file permissive=1
[ 2431.868369]  (1)[267:logd.auditd]type=1400 audit(1496528685.141:278): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/ccci_mdinit" dev="mmcblk0p20" ino=161 scontext=u:r:shell:s0 tcontext=u:object_r:ccci_mdinit_exec:s0 tclass=file permissive=1
[ 2431.868541]  (1)[267:logd.auditd]type=1400 audit(1496528685.141:279): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/gsm0710muxd" dev="mmcblk0p20" ino=234 scontext=u:r:shell:s0 tcontext=u:object_r:gsm0710muxd_exec:s0 tclass=file permissive=1
[ 2431.868663]  (1)[267:logd.auditd]type=1400 audit(1496528685.151:280): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/uncrypt" dev="mmcblk0p20" ino=487 scontext=u:r:shell:s0 tcontext=u:object_r:uncrypt_exec:s0 tclass=file permissive=1
[ 2431.868784]  (1)[267:logd.auditd]type=1400 audit(1496528685.151:281): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/vold" dev="mmcblk0p20" ino=495 scontext=u:r:shell:s0 tcontext=u:object_r:vold_exec:s0 tclass=file permissive=1
[ 2431.868904]  (1)[267:logd.auditd]type=1400 audit(1496528685.151:282): avc: denied { getattr } for pid=9456 comm="ls" path="/system/bin/wmt_loader" dev="mmcblk0p20" ino=502 scontext=u:r:shell:s0 tcontext=u:object_r:wmt_loader_exec:s0 tclass=file permissive=1