Android 5.0 添加系统服务后,启动的时候报安全错误

I/SystemServer(  326): Hello Service
I/Hello   (  326): Hello Service
E/HelloService(  326): Hello JNI: initializing......  
E/SELinux (   50): avc:  denied  { add } for service=hello scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager
E/ServiceManager(   50): add_service('hello',56) uid=1000 - PERMISSION DENIED
E/SystemServer(  326): Failure starting Hello Service
E/SystemServer(  326): java.lang.SecurityException
E/SystemServer(  326): at android.os.BinderProxy.transactNative(Native Method)
E/SystemServer(  326): at android.os.BinderProxy.transact(Binder.java:496)
E/SystemServer(  326): at android.os.ServiceManagerProxy.addService(ServiceManagerNative.java:150)
E/SystemServer(  326): at android.os.ServiceManager.addService(ServiceManager.java:72)
E/SystemServer(  326): at com.android.server.SystemServer.startOtherServices(SystemServer.java:1031)
E/SystemServer(  326): at com.android.server.SystemServer.run(SystemServer.java:256)
E/SystemServer(  326): at com.android.server.SystemServer.main(SystemServer.java:170)
E/SystemServer(  326): at java.lang.reflect.Method.invoke(Native Method)
E/SystemServer(  326): at java.lang.reflect.Method.invoke(Method.java:372)
E/SystemServer(  326): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899)
E/SystemServer(  326): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694)
I/Hello   (  326): Failure starting Hello Service
I/Hello   (  326): java.lang.SecurityException
I/Hello   (  326): at android.os.BinderProxy.transactNative(Native Method)
I/Hello   (  326): at android.os.BinderProxy.transact(Binder.java:496)
I/Hello   (  326): at android.os.ServiceManagerProxy.addService(ServiceManagerNative.java:150)
I/Hello   (  326): at android.os.ServiceManager.addService(ServiceManager.java:72)
I/Hello   (  326): at com.android.server.SystemServer.startOtherServices(SystemServer.java:1031)
I/Hello   (  326): at com.android.server.SystemServer.run(SystemServer.java:256)
I/Hello   (  326): at com.android.server.SystemServer.main(SystemServer.java:170)
I/Hello   (  326): at java.lang.reflect.Method.invoke(Native Method)
I/Hello   (  326): at java.lang.reflect.Method.invoke(Method.java:372)
I/Hello   (  326): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899)
I/Hello   (  326): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694)

I/AppOps  (  326): Pruning old package media/1013: new uid=-1


这个问题有两个解决方案,

1:在/external/sepolicy/service_contexts 中添加自己要启动的系统服务

2:修改/system/core/rootdir/init.rc 关闭selinux功能setenforce 改为0即可

#
# early init commands
#
 
on init
    # disable Security Enhanced Linux
    setenforce 0
 
    sysclktz 0
 
    loglevel 3
 
#
# other on init commands
#

参考网站:http://stackoverflow.com/questions/30165852/selinux-permission-denied-for-a-new-framework-service-in-android

你可能感兴趣的:(android,安全)