LogCat shows me this message every second
Any ideas on how to repair this error?
2021-01-17 17:41:08.905 174-174/? E/SELinux: avc: denied { find } for pid=25449 uid=2000 name=car_service scontext=u:r:shell:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
2021-01-17 17:41:09.903 174-174/? E/SELinux: avc: denied { find } for pid=25455 uid=2000 name=car_service scontext=u:r:shell:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
This is a SELinux denial. You can ignore it as it won't affect your app. There isn't anything you can do about it (at a user level).
If you are using a custom ROM, the maintainer needs to update their sepolicy.
If you are the maintainer, there are detailed guides on how to understand the denials and write the appropriate the rules for them. One such guide is https://msfjarvis.dev/posts/understanding-and-resolving-selinux-denials-on-android/
If you have any specific doubts in writing the correct rule for this, you can update the question
I had a lot of such errors on my Realme 8i with Android 11 (on a stock firmare) but for another name - tethering:
2023-01-01 15:34:33.134 501 501 system E SELinux : avc: denied { find } for pid=22576
uid=10219 name=tethering scontext=u:r:permissioncontroller_app:s0:c219,c256,c512,c768
tcontext=u:object_r:tethering_service:s0 tclass=service_manager permissive=0
Disabling Tethering hardware acceleration in Developer options immediately stopped such spam.
Related
type=1400 audit(0.0:227002): avc: denied { getattr } for comm=6C696233635F75695F7461736B2023 path="/proc/stat" dev="proc" ino=4026532136 scontext=u:r:untrusted_app:s0:c84,c257,c512,c768 tcontext=u:object_r:proc_stat:s0 tclass=file permissive=0 app=ccc71.at.free
I already looked for permissions that are denied to the app and I allowed the ones that could, I followed the recommendations that are provided in the app but I still cannot pair the hearing aids
My Android application is saving data on SQLite and working fine on various android versions, but when installed from playstore some users cannot use the application, after debugging I get this error
type=1400 audit: avc: denied { read write }
I have added permissions for WRITE EXTERNAL STORAGE, READ EXTERNAL STORAGE but has not solved
I'm implementing a new feature on Android 10(10.0.0_r30) that has to copy files from the data folder to the system folder at runtime. I've tried to do it via 'su cp' in Zygote, since Zygote runs as root, but then I get this error:
type=1400 audit(0.0:61): avc: denied { getattr } for name="su" dev="dm-0" ino=3160 scontext=u:r:zygote:s0 tcontext=u:object_r:su_exec:s0 tclass=file permissive=1
SELinux is disabled and I have no clue where else to look for the resolution of this error. Also, the system folder is writeable(parameter given to the emulator)
Besides that, can anyone tell me how else I could implement this particular task without rooting?
I am using INDExOS/media-for-mobile for ovelaying video in my android app.
It is working fine at Motorola, Samsung, Nexus and Pixel Devices. But I am getting following error in case of HMD Global(Nokia) Devices,
Access denied finding property "acodec.video.buflogging"
W/MediaCodec_loop: type=1400 audit(0.0:2659): avc: denied { read } for name="u:object_r:mtk_em_video_log_acodec_prop:s0" dev="tmpfs" ino=6644 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:mtk_em_video_log_acodec_prop:s0 tclass=file permissive=0
Any help will be appreciated.
I wrote a daemon, running as system.
When it tries to open some /proc//stat entry of process PID which using its library, I get this error of SELinux:
type=1400 audit(1464247244.561:530): avc: denied { search } for pid=22968 comm="Binder_3" name="22899" dev="proc" ino=71342 scontext=u:r:system_app:s0 tcontext=u:r:untrusted_app:s0:c512,c768 tclass=dir permissive=0
Do I miss some “allow” rule to my daemon?
The error seems unrelated to it (as if ‘system_app’ domain lack permissions, and not my daemon).
How can I fix it?
You should execute
adb shell ps -eZ | grep 22968
command to find the problematic service or app from command line as your app running at the same time. After you find the victim(app) you have to add /external/sepolicy/service_contexts file a SELinux rule for handling the access violation.