我们在调试开发阶段,经常需要把selinux关闭,则我们修通过设置uboot env来设置为允许状态:setenv EnableSelinux permissive;save
我们如果需要一直设置为permissive模式,不需要通过uboot env去控制,可以这样修改(android 9.0上面验证):
system/core/init下面打patch:
diff --git a/init/selinux.cpp b/init/selinux.cpp
index 0ba5c4a..ab457d5
--- a/init/selinux.cpp
+++ b/init/selinux.cpp
@@ -392,7 +392,7 @@ void SelinuxInitialize() {
bool kernel_enforcing = (security_getenforce() == 1);
bool is_enforcing = IsEnforcing();
if (kernel_enforcing != is_enforcing) {
- if (security_setenforce(is_enforcing)) {
+ if (security_setenforce(0)) {
PLOG(FATAL) << "security_setenforce(%s) failed" << (is_enforcing ? "true" : "false");
}
}