欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  数据库

How to add the selinux policy access for the new created lin

程序员文章站 2022-04-04 17:12:01
...

When you create the linux file node, such as “dev/nfccard0”, you must add the selinux policy for it, or the application can not get the permit to access. this is an example for the system_server to accecc the dev/nfccard0 file node. we c

When you create the linux file node, such as “dev/nfccard0”, you must add the selinux policy for it, or the application can not get the permit to access.

this is an example for the system_server to accecc the dev/nfccard0 file node.

we can do the following three things to mak the system work smoothly.

1 define the file type

in the file.te add the below line

type nfccard_device,dev_type

2 define the file context

in the file_context.te add the below line

/dev/nfccard0 u:object_r:nfccard_devicd:s0

3 allow the system_server to access it.

Allow system_server nfccard_device:chr_file rw_file_perms

Or

Allow system_server nfccard_device:chr_file {read write open getattr ioctl}

there are many file type , {socket, binder, property,etc}, we must do carefully to avoid influence the system.