How to completely disable SELinux in Android L in the init.rc file?
the enforce attribute will be Permissive imeddiately.
How to completely disable selinux policy check while building AOSP?
Don't set BOARD_SEPOLICY_DIRS in your device config. So your private sepolicy will not be compiled.
Disabling SELinux in Android 5.0.1
There are two ways that enforcing mode is set. On user builds, it will always be in enforcing. On eng or userdebug, you can control it. You can control it in the standard selinux way, by setting enforcing=1/0 on the kernel command line as outlined in Dan Walsh's blog:
The Android centric way is to set the kernel command line to androidboot.selinux=permissive
You can control the kernel command line by editing your BoardConfig.mk and adding this:
BOARD_KERNEL_CMDLINE += androidboot.selinux=permissive
The Android centric way is enforced by init, if you look in system/core/init/init.cpp look at the selinux_initialize() routine that is called from main().
How to set SELinux to 0 or permissive mode in android 4.4.4 and above?
Apparently Google has removed the
CONFIG_SECURITY_SELINUX_DEVELOP kernel flag from many of their Stock kernels. Thus the standard trick mentioned by William (below) probably doesn't work. An example of these devices is the Samsung Note 4 (SM-N910F) running AOS 4.4.4.
The link above states:
CONFIG_SECURITY_SELINUX_DEVELOP aka global permissive mode, is useful for
when you are first developing device-specific policy for a board (add
'androidboot.selinux=permissive' to BOARD_KERNEL_CMDLINE). It also
permits transient setenforce 0 in -userdebug or -eng builds, which can
be helpful for developers.
If the bootloader is locked, then you can't modify the kernel cmdline
"Also, the code in the init program for processing the
androidboot.selinux= option is only compiled in
-eng builds, so even aside from bootloader locking, you cannot use
androidboot.selinux=permissive on a
The way to check what build type you have is:
$ getprop ro.build.type
Modifying init.rc to add my own android native service
This cannot be done from shell.
init.rc is part of
ramdisk and not
system partition. So at bootup, the
init.rc picked up will be from ramdisk. So whatever changes you do to
init.rc will not get reflected.
AFAIK Only way is to build the ROM and reflash
Check this post, it is related, might help
Execute a daemon in Android init.rc
I got the same issue with nexus 9. I added code to device/htc/flounder/init.flounder.rc but doesnt work.
service pollingclient /system/bin/sh logwrapper
My quick fix is added code to start my daemon in system/core/adb/adb_auth_client.c after fdevent_add(&t->auth_fde, FDE_READ);
system("sleep 5; mydaemon");
It works but its some kind of "quick fix". I am still investigating right solution.
I disable selinux by edit ./arch/arm64/configs/flounder_defconfig set CONFIG_SECURITY_SELINUX=n then recompile kernel and recompile boot.img. Wow, it works!
Download a File Programmatically on Android
How to Keep a Bottom Nav Bar from Being Pushed Up on Keyboard Shown
Photo Rotated from Camera (Samsung Device)
How to Remove the Unnecessary Top Padding of the Navigation View
Remove Items from Listview With a Custom Adapter
Android:Strike Out Text With Bold or Thicker Line Than Default Strike_Thru_Text_Flag
How to Change Background Color of Layout of List-View Item Using Array-Adapter
What Is Install_Parse_Failed_No_Certificates Error
Chrome on Android Resizes Font
How to Get the Result of Onpostexecute() to Main Activity Because Asynctask Is a Separate Class
Android - Transform Classes With Dex for Debug
Check If an Email Exists Before Creating a User Firebase Android
How to Capitalize the First Letter of Text in a Textview in an Android Application
Onclick() to Change Button Border Color Rather Changing Button Color
How to Disable Spinner in Android and Enable It on Button Click
Recyclerview Cannot Be Scrolled
How to Show the Number Keyboard on an Edittext in Android
How to Handle Parameters That Can Be an Array or Object in Retrofit on Android