标签:
以adb remount为例
首先运行命令:
adb remount
然后
adb shell dmesg -C | grep avc
<36>[ 113.241627]<0> (0)[281:logd.auditd]type=1400 audit(1438851627.212:214): avc: denied { ioctl } for pid=5684 comm="adbd" path="/dev/block/mmcblk0p20" dev="tmpfs" ino=317 scontext=u:r:adbd:s0 tcontext=u:object_r:platformblk_device:s0 tclass=blk_file permissive=0
<36>[ 113.242282]<0> (0)[281:logd.auditd]type=1400 audit(1438851627.212:215): avc: denied {
remount } for pid=5684 comm="adbd" scontext=u:r:adbd:s0 tcontext=u:object_r:labeledfs:s0 tclass=filesystem permissive=0
<36>[ 113.242551]<0> (0)[281:logd.auditd]type=1400 audit(1438851627.212:216): avc: denied { sys_admin } for pid=5684 comm="adbd" capability=21 scontext=u:r:adbd:s0 tcontext=u:r:adbd:s0 tclass=capability permissive=0
从日志中,我们发现类型为labeledfs, 缺少权限remount
所以要在策略中配置
allow adbd labeledfs:filesystem remount;
其他两条类似
版权声明:本文为博主原创文章,未经博主允许不得转载。
标签:
原文地址:http://blog.csdn.net/oman111/article/details/47320067
