- 1uniapp如何定义全局变量?
- 2SpringBoot学习笔记之集成Druid数据库连接池_springboot集成druid连接池
- 3免费简单好用的 webshell 在线检测:支持 php、jsp、asp等多格式文件
- 4C语言--面向对象编程之继承_c语言继承
- 5Java并发常见面试题_java高并发场景面试题
- 6回归预测 | MATLAB实现CNN-BiLSTM(卷积双向长短期记忆神经网络)多输入单输出
- 7Golang学习之路一八类型别名和转换_golang 字符串转别名
- 8【腾讯云 HAI域探秘】StableDiffusionWebUI一小时搞定100张设计图
- 9关于手机改以太网(有线)静态ip_otg网卡如何修改自己的ip
- 10【ORACLE】查看正在运行的的SQL【全】_oracle查询正在执行的sql
audit2allow 的 -p 参数_audit2allow -p
赞
踩
网络上大量资料都是说audit2allow 要这样用
audit2allow -i avc.log
其实这样是用ubuntu 上的sepolicy去检测 avc.log 中的avc
会报一些莫名其妙的问题:
libsepol.context_from_record: user u is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert u:r:net_recovery:s0 to sid
libsepol.context_from_record: user u is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert u:r:net_recovery:s0 to sid
libsepol.context_from_record: user u is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert u:r:net_recovery:s0 to sid
libsepol.context_from_record: user u is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert u:r:net_recovery:s0 to sid
我们可以加-p参数,让audit2allow用我们编出来的sepolicy
audit2allow -i avc.log -p ./sepolicy
#============= xxx ==============
#!!!! This avc is allowed in the current policy
allow xxx self:udp_socket { create ioctl };
sepolicy 文件在: LINUX/android/out/target/product/xxx/recovery/root/sepolicy
