Last time I force-started the Brillo emulator, so this time I'd like to poke around inside it.
What caught my attention last time was the long string of SELinux policy violations:
capability: warning: `wpa_supplicant' uses 32-bit capabilities (legacy support in use)
type=1400 audit(1448466976.510:11): avc: denied { write } for pid=1039 comm="logd" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466977.090:12): avc: denied { write } for pid=1039 comm="logd" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466977.210:13): avc: denied { write } for pid=1039 comm="logd" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466978.490:14): avc: denied { write } for pid=1039 comm="logd" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466980.620:15): avc: denied { write } for pid=1060 comm="logd.writer" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466980.940:16): avc: denied { write } for pid=1060 comm="logd.writer" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466981.500:17): avc: denied { search } for pid=1094 comm="bluetoothtbd" name="cpuctl" dev="tmpfs" ino=748 scontext=u:r:bluetoothtbd:s0 tcontext=u:object_r:cpuctl_device:s0 tclass=dir permissive=0
type=1400 audit(1448466982.270:18): avc: denied { search } for pid=1052 comm="keystore" name="cpuctl" dev="tmpfs" ino=748 scontext=u:r:keystore:s0 tcontext=u:object_r:cpuctl_device:s0 tclass=dir permissive=0
type=1400 audit(1448466982.280:19): avc: denied { search } for pid=1055 comm="Binder_2" name="cpuctl" dev="tmpfs" ino=748 scontext=u:r:sensorservice:s0 tcontext=u:object_r:cpuctl_device:s0 tclass=dir permissive=0
type=1400 audit(1448466982.320:20): avc: denied { sys_nice } for pid=1055 comm="Binder_2" capability=23 scontext=u:r:sensorservice:s0 tcontext=u:r:sensorservice:s0 tclass=capability permissive=0
type=1400 audit(1448466982.320:21): avc: denied { sys_nice } for pid=1098 comm="sensorservice" capability=23 scontext=u:r:sensorservice:s0 tcontext=u:r:sensorservice:s0 tclass=capability permissive=0
type=1400 audit(1448466982.320:22): avc: denied { sys_nice } for pid=1098 comm="Binder_1" capability=23 scontext=u:r:sensorservice:s0 tcontext=u:r:sensorservice:s0 tclass=capability permissive=0
type=1400 audit(1448466982.330:23): avc: denied { sys_nice } for pid=1098 comm="Binder_1" capability=23 scontext=u:r:sensorservice:s0 tcontext=u:r:sensorservice:s0 tclass=capability permissive=0
type=1400 audit(1448466990.980:24): avc: denied { search } for pid=1119 comm="mediaserver" name="cpuctl" dev="tmpfs" ino=748 scontext=u:r:mediaserver:s0 tcontext=u:object_r:cpuctl_device:s0 tclass=dir permissive=0
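As an added example (not part of the original post), here is a small Python triage script that parses avc lines in the console format shown above and groups them by source domain, target type, object class and permission, the same grouping audit2allow uses when it proposes policy rules. The log lines embedded in it are a constructed sample taken from the format above, and the suggested allow rules are meant to be read and checked one by one, not pasted into a policy.

```python
import re
from collections import Counter

# Constructed sample in the emulator console format shown above (plus one
# non-avc line from a setenforce change, which the parser must skip).
SAMPLE_LOG = """\
type=1400 audit(1448466976.510:11): avc: denied { write } for pid=1039 comm="logd" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466980.620:15): avc: denied { write } for pid=1060 comm="logd.writer" name="property_service" dev="tmpfs" ino=528 scontext=u:r:logd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
type=1400 audit(1448466982.270:18): avc: denied { search } for pid=1052 comm="keystore" name="cpuctl" dev="tmpfs" ino=748 scontext=u:r:keystore:s0 tcontext=u:object_r:cpuctl_device:s0 tclass=dir permissive=0
type=1400 audit(1448466982.320:20): avc: denied { sys_nice } for pid=1055 comm="Binder_2" capability=23 scontext=u:r:sensorservice:s0 tcontext=u:r:sensorservice:s0 tclass=capability permissive=0
type=1404 audit(1448467710.180:26): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295
"""

AVC_RE = re.compile(r'avc: +denied +\{ *(?P<perms>[^}]+)\} +for +(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Parse one 'avc: denied' line into a dict; return None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group('fields'))}
    fields['perms'] = tuple(sorted(m.group('perms').split()))
    # permissive=0 means the access was actually blocked, not merely logged
    fields['enforced'] = fields.get('permissive') == '0'
    return fields


def summarize(log_text):
    """Count denials per (scontext, tcontext, tclass, perms) tuple."""
    counts = Counter()
    for line in log_text.splitlines():
        d = parse_avc(line)
        if d is not None:
            counts[(d['scontext'], d['tcontext'], d['tclass'], d['perms'])] += 1
    return counts


def candidate_rule(key):
    """Render a group as the allow rule that would cover it (for review, not blind use)."""
    scontext, tcontext, tclass, perms = key
    src, tgt = scontext.split(':')[2], tcontext.split(':')[2]
    perm_str = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (src, tgt, tclass, perm_str)


if __name__ == '__main__':
    for key, n in summarize(SAMPLE_LOG).most_common():
        print('%3d  %s' % (n, candidate_rule(key)))
```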
These get in the way of the analysis, so let's try disabling SELinux.
First, confirm that SELinux is actually enforcing:
$ ls
type=1400 audit(1448467661.040:25): avc: denied { getattr } for pid=1141 comm="ls" path="/init" dev="sda" ino=22 scontext=u:r:shell:s0 tcontext=u:object_r:init_exec:s0 tclass=file permissive=0
ls: ./init: Permission denied
acct dev init.rc property_contexts sepolicy
cache etc init.usb.rc root service_contexts
config file_contexts.bin lost+found sbin storage
d fstab.device mnt sdcard sys
data init.environ.rc oem seapp_contexts system
default.prop init.qemu.rc proc selinux_version ueventd.rc
Yes. SELinux is enforcing here, which is why the audit log entry appears and the shell domain is denied getattr on /init.
Disabling SELinux
$ su
# setenforce 0
type=1404 audit(1448467710.180:26): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295
# getenforce
Permissive
After that:
# ls /
acct etc init.usb.rc sbin sys
cache file_contexts.bin lost+found sdcard system
config fstab.device mnt seapp_contexts ueventd.rc
d init oem selinux_version
data init.environ.rc proc sepolicy
default.prop init.qemu.rc property_contexts service_contexts
dev init.rc root storage
Now that the policy is permissive, SELinux no longer blocks anything (denials are still logged, just not enforced).
To be continued.