AnsweredAssumed Answered

Run shell script at boot in Android 9.0 on i.MX8M Mini Evk

Question asked by Abhijit Thorat on Aug 2, 2019
Latest reply on Sep 11, 2019 by Diego Adrian Cuevas

Hi,

I am using iMX 8 Mini EVK for my Project. I build Android 9.0 from AOSP for this board.

Now I want to run a script at boot.

I did following changes in files but still I am facing an issue.

 

File : Android_AOSP_build/device/fsl/imx8m/evk_8mm/init.rc

service gea3appservice /vendor/bin/sh /vendor/bin/run.sh
    class late_start
    user root system
    group root system
    oneshot

 

File : Android_AOSP_build/device/fsl/imx8m/evk_8mm/sepolicy/gea3appservice.te

# gea3app service
type gea3appservice, domain;
type gea3appservice_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(gea3appservice)
domain_auto_trans(init, vendor_shell_exec, gea3appservice)

 

File : Android_AOSP_build/device/fsl/imx8m/evk_8mm/sepolicy/file_contexts

/vendor/bin/run.sh   u:object_r:gea3appservice_exec:s0

 

When I manually run service I get following error :

[  134.010656] type=1400 audit(1564667688.236:3740): avc: denied { dac_read_search } for pid=1 comm="init" capability=2 scontext=u:r:init:s0 tcontext=u:r:init:s0 tclass=capability permissive=1

 

Do anyone know this issue?

 

I tried with the approach suggested by Android developer site

Writing SELinux Policy  |  Android Open Source Project 

 

But I get following error

libsepol.report_failure: neverallow on line 1002 of system/sepolicy/public/domain.te (or line 11242 of policy.conf) violated by allow gea3appservice gea3appservice_exec:file { execute entrypoint };

Outcomes