i got some SEAndroid problem, please see the following details :
Debug Command: adb shell logcat | findstr "denied:"
07-06 22:51:41.569 3418 3418 I sh : type=1400 audit(0.0:137): avc: denied { read } for name="demolog-executor.sh" dev="mmcblk0p50" ino=867248 scontext=u:r:dumpstate:s0 tcontext=u:object_r:system_app_data_file:s0 tclass=file permissive=1
07-06 22:51:41.569 3418 3418 I sh : type=1400 audit(0.0:138): avc: denied { open } for path="/data/data/com.demo.LogTool/files/demolog-executor.sh" dev="mmcblk0p50" ino=867248 scontext=u:r:dumpstate:s0 tcontext=u:object_r:system_app_data_file:s0 tclass=file permissive=1
07-06 22:51:43.619 3489 3489 I sh : type=1400 audit(0.0:209): avc: denied { read } for name="clear-logs.sh" dev="mmcblk0p50" ino=867237 scontext=u:r:dumpstate:s0 tcontext=u:object_r:system_app_data_file:s0 tclass=file permissive=1
07-06 22:51:43.619 3489 3489 I sh : type=1400 audit(0.0:210): avc: denied { open } for path="/data/data/com.demo.LogTool/files/clear-logs.sh" dev="mmcblk0p50" ino=867237 scontext=u:r:dumpstate:s0 tcontext=u:object_r:system_app_data_file:s0 tclass=file permissive=1
Then add a selinux rule in dumpstate.te:
allow dumpstate system_app_data_file:file {read open};
But the compile gives me the error message like this:
FAILED: out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy /bin/bash -c "(out/host/linux-x86/bin/secilc -M true -G -c 30 out/target/product/msm8996/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil out/target/product/msm8996/obj/ETC/26.0.cil_intermediates/26.0.cil out/target/product/msm8996/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil -o out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.tmp -f /dev/null ) && (out/host/linux-x86/bin/sepolicy-analyze out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.tmp permissive > out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains ) && (if [ \"userdebug\" = \"user\" -a -s out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains ]; then echo \"==========\" 1>&2; echo \"ERROR: permissive domains not allowed in user builds\" 1>&2; echo \"List of invalid domains:\" 1>&2; cat out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains 1>&2; exit 1; fi ) && (mv out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy.tmp out/target/product/msm8996/obj/ETC/sepolicy_intermediates/sepolicy )" neverallow check failed at out/target/product/msm8996/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:3814 (neverallow base_typeattr_51_26_0 system_app_data_file_26_0 (file (create unlink open))) allow at out/target/product/msm8996/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:7189 (allow dumpstate_26_0 system_app_data_file_26_0 (file (read open))) neverallow check failed at out/target/product/msm8996/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil:4389 from system/sepolicy/public/domain.te:874 (neverallow base_typeattr_51 system_app_data_file (file (create unlink open))) allow at out/target/product/msm8996/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:7189 (allow dumpstate_26_0 system_app_data_file_26_0 (file (read open)))
Failed to generate binary
Failed to build policydb
Can somebody help me, please.