Magisk/README.txt

29 lines
879 B
Plaintext
Raw Normal View History

2013-06-28 01:42:09 +00:00
Injects allow rules into binary SELinux kernel policies
2013-07-17 02:10:12 +00:00
Injecting a rule:
2015-11-14 16:02:09 +00:00
$ ./sepolicy-inject -s shell -t system -c file -p read -P sepolicy
2013-06-28 01:42:09 +00:00
2015-11-14 16:02:09 +00:00
Injecting multiple permissions:
$ ./sepolicy-inject -s shell -t system -c file -p read,write,open -P sepolicy
2013-06-28 01:42:09 +00:00
2015-11-14 16:02:09 +00:00
Add a type_attribute to a domain:
$ ./sepolicy-inject -s su -a mlstrustedsubject -P sepolicy
2013-06-28 01:42:09 +00:00
2013-07-17 02:10:12 +00:00
Injecting a permissive domain:
2015-11-14 16:02:09 +00:00
$ ./sepolicy-inject -Z shell -P sepolicy
2013-07-17 02:10:12 +00:00
2015-06-07 21:00:43 +00:00
Change a permissive domain to non-permissive:
2015-11-14 16:02:09 +00:00
$ ./sepolicy-inject -z shell -P sepolicy
2015-06-07 21:00:43 +00:00
2015-11-14 16:02:09 +00:00
Test a SELinux type exists:
$ ./sepolicy-inject -e -s shell -P sepolicy
2013-06-28 15:23:25 +00:00
2015-11-14 16:02:09 +00:00
Test a SELinux class exists:
$ ./sepolicy-inject -e -c service_manager -P sepolicy
2013-06-28 15:23:25 +00:00
2015-11-14 16:02:09 +00:00
Add a transition:
$ ./sepolicy-inject -s su_daemon -f device -c file -t su_device -P sepolicy
2013-06-28 15:23:25 +00:00
2015-11-14 16:02:09 +00:00
Add a filename transition:
$ ./sepolicy-inject -s su_daemon -f device -c file -g "socket" -t su_device -P sepolicy