1
votes

I wrote a daemon, running as system. When it tries to open some /proc/<PID>/stat entry of a process (PID) which is using its library, I get this SELinux error:

type=1400 audit(1464247244.561:530): avc: denied { search } for pid=22968 comm="Binder_3" name="22899" dev="proc" ino=71342 scontext=u:r:system_app:s0 tcontext=u:r:untrusted_app:s0:c512,c768 tclass=dir permissive=0

Am I missing some “allow” rule for my daemon? The error seems unrelated to it (as if the ‘system_app’ domain lacks permissions, and not my daemon).

How can I fix it?

1
Why are you running your daemon with the system app context? Shouldn't it run in a higher SELinux context? - Daniel

1 Answer

0
votes

You should execute the

adb shell ps -eZ | grep 22968

command from the command line while your app is running, to find the problematic service or app. After you find the victim (app), you have to add a SELinux rule to the /external/sepolicy/service_contexts file to handle the access violation.
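
An added example, not part of the original question or answer: a small Python parser for the denial record quoted in the question. It reports which domain was denied (scontext), which object was targeted (tcontext, tclass), and formats the denial as an audit2allow-style rule as a candidate for policy review. The function names are hypothetical.

```python
import re

# Denial record copied from the question above.
SAMPLE = ('type=1400 audit(1464247244.561:530): avc: denied { search } for '
          'pid=22968 comm="Binder_3" name="22899" dev="proc" ino=71342 '
          'scontext=u:r:system_app:s0 tcontext=u:r:untrusted_app:s0:c512,c768 '
          'tclass=dir permissive=0')

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_context(ctx):
    """Split user:role:type:level; the MLS level may itself contain ':'."""
    parts = (ctx.split(':', 3) + ['', '', '', ''])[:4]
    return dict(zip(('user', 'role', 'type', 'level'), parts))


def parse_avc(line):
    """Return the fields of an 'avc: denied' record, or None if it is not one."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group('rest'))}
    if not {'scontext', 'tcontext', 'tclass'} <= fields.keys():
        return None  # incomplete record, nothing reliable to report
    fields['perms'] = m.group('perms').split()
    fields['source'] = parse_context(fields['scontext'])  # who was denied
    fields['target'] = parse_context(fields['tcontext'])  # what was accessed
    fields['enforced'] = fields.get('permissive') == '0'
    return fields


def candidate_rule(avc):
    """Format the denial as an allow rule (audit2allow style) for review."""
    return 'allow {} {}:{} {{ {} }};'.format(
        avc['source']['type'], avc['target']['type'],
        avc['tclass'], ' '.join(avc['perms']))


if __name__ == '__main__':
    avc = parse_avc(SAMPLE)
    print('denied domain :', avc['source']['type'], '(comm=%s)' % avc['comm'])
    print('target        :', avc['target']['type'], avc['target']['level'],
          'class', avc['tclass'], 'name', avc['name'])
    print('enforced      :', avc['enforced'])
    print('candidate rule:', candidate_rule(avc))
```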