| T42 | <morciatka> Guys, going to bombard you with my dumb questions yet again. I have mounts working fine but only without selinux being enabled. They break down after I enable selinux to permissive as it is mentioned in the hadk-faq, along with those contexts from my device. | 12:09 |
|---|---|---|
| T42 | <morciatka> selinux disabled, older log with enabled audit since I've already disabled it: | 12:09 |
| T42 | <morciatka> https://paste.opensuse.org/pastes/068a1c247d15 | 12:09 |
| T42 | <morciatka> selinux on permissive, dmesg log as journal doesn't get filled anymore ever since I enabled selinux: | 12:10 |
| T42 | <morciatka> https://paste.opensuse.org/pastes/f5e52ed0459d | 12:10 |
| T42 | <morciatka> I'm currently in town, so I won't be able to test anything until I get back. Pretty sure I'm still missing something. Any ideas would be helpful though. | 12:10 |
| T42 | <elros34> first of all why do you build outdated sfos version? Always build latest. How do you "enable/disable"? Both logs have selinux in permissive mode | 12:44 |
| T42 | <TheVancedGamer> disabling selinux with selinux=0 booted fine, everything mounted | 12:45 |
| T42 | <TheVancedGamer> but lipstick was failing with the libdl_android.so error | 12:45 |
| T42 | <TheVancedGamer> however it was present in /system/lib64 | 12:45 |
| T42 | <elros34> what android base version do you use? | 12:46 |
| T42 | <TheVancedGamer> hybris 17?1 | 12:46 |
| T42 | <TheVancedGamer> 17.1* | 12:46 |
| T42 | <elros34> do you even have CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE? | 12:49 |
| T42 | <TheVancedGamer> not sure, will have to check | 12:49 |
| T42 | <elros34> or just CONFIG_SECURITY_SELINUX_BOOTPARAM | 12:50 |
| T42 | <elros34> if you don't know then you don't have it so your selinux=0 change nothing. You shouldn't need it anyway | 12:53 |
| T42 | <TheVancedGamer> well, I didn't patch the kernel config | 12:54 |
| T42 | <TheVancedGamer> so it is possible it was turned on by the kernel config checker | 12:54 |
| T42 | <elros34> no, kernel config checker doesn't do anything | 12:56 |
| T42 | <elros34> did you add files (not symlinks) according to hadk-faq/hot? | 13:03 |
| T42 | <elros34> I meant this in /etc/selinux | 13:03 |
| T42 | <morciatka> selinux=permissive in the config, selinux=1 in cmdline | 13:04 |
| T42 | <morciatka> | 13:04 |
| T42 | <morciatka> selinux=disabled makes it mount stuff just fine (re @elros34: first of all why do ...) | 13:04 |
| T42 | <morciatka> hybris17.1 as mentioned (re @elros34: what android base ve...) | 13:04 |
| T42 | <morciatka> I don't have this one in the defconfig right now (re @elros34: do you even have CON...) | 13:05 |
| T42 | <morciatka> yes, those are not symlinked and they get loaded just fine by selinux (re @elros34: did you add files (n...) | 13:06 |
| T42 | <elros34> what is selinux=permissive in config? comandline or defconfig? | 13:08 |
| T42 | <morciatka> sorry, I meant the /etc/selinux/config | 13:08 |
| T42 | <morciatka> defconfig has just `CONFIG_SECURITY_SELINUX=y` in it | 13:08 |
| T42 | <elros34> once againIf you don't have CONFIG_SECURITY_SELINUX_BOOTPARAM ( not CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE) then you selinux=0 in commandline do nothing. Basically you shouldn't change single thing related in selinux in defconfig | 13:10 |
| T42 | <morciatka> but I am supposed to have it enabled, right? | 13:10 |
| T42 | <elros34> not to mention selinux=1 which is not even used by kernel and added only because some historical chnages. Leave all selinux defconfig chabges as it was for lineage, don't touch anything | 13:11 |
| T42 | <morciatka> but that wouldn't sort anything, I have to have it enabled anyway | 13:14 |
| T42 | <morciatka> atleast from what hadk-faq says | 13:15 |
| T42 | <morciatka> and the issue is not having mounts when selinux is enabled, not the otherway around | 13:15 |
| T42 | <morciatka> or am I again missing something | 13:15 |
| T42 | <elros34> so maybe I am missing something because all your kernel changes do nothing (they are transparent for kernel). Maybe show your changes in github. hadk-faq says add selinux=1 only for porters which used hybris-16 and added previously selinux=0. Basically selinux=1 do nothing like you would not have it. | 13:20 |
| T42 | <TheVancedGamer> not touching the cmdline at all results in broken mounts and journa | 13:21 |
| T42 | <TheVancedGamer> not touching the cmdline at all results in broken mounts and journal (edited) | 13:21 |
| T42 | <elros34> what about grep -i selinux .config? | 13:22 |
| T42 | <TheVancedGamer> https://paste.myself5.de/quvukemico.ini | 13:22 |
| T42 | <elros34> I don't get it then. I can only tell from your longer log I can see product mount failure. fix it then focus on getting droid-hal-init-working | 13:59 |
| T42 | <elros34> currently it timeouts so some thing will be broken | 14:00 |
| mal | maybe show output of "ls -lR /etc/selinux" so we can see that everything is correct there | 14:47 |
| T42 | <morciatka> mal: will send it after I come home | 14:49 |
| T42 | <morciatka> | 14:49 |
| T42 | <morciatka> it should have the same structure as your fp4 port | 14:49 |
| T42 | <AntonlX> Is there any common fix for *codec_looper* crash when video playing on Qualcomm devices? | 14:55 |
| mal | yeah, fp4 uses symlinks because the port is not done the community way | 14:55 |
| mal | @AntonlX what kind of crash, which android base? | 14:56 |
| T42 | <morciatka> mal: I mean the structure is like that, except that I don't have it symlinked but copied directly. That should be OK I guess, I'll be at home in like a hour or so. | 15:00 |
| *** amccarthy is now known as Guest12955 | 15:11 | |
| *** amccarthy_ is now known as amccarthy | 15:11 | |
| T42 | <AntonlX> mal, hybris-18.1. Any app that plays avc1 video crashes. | 15:17 |
| mal | anything in logs? | 15:34 |
| ecrn | the grep link in the title is broken | 20:35 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!