SELinux Permissive/Enforcing mode changing with Termux linux terminal android.
Use root mode
$ su
(Give root access termux)
Show what mode SELinux use now
$ getenforce
Set SELinux
$ setenforce 0
(Permissive)
$ setenforce 1
(Enforcing)
Here's a magisk module that sets SElinux even after reboots, it incorporates the commands but sets them everytime the system boots. I posted a modded version of the module if u want SElinux to enforcing instead of permissive and it actually works great
[MODULE] Debugging modules: ADB Root, SELinux Permissive, Enable Eng
These modules are not meant for everyday use. They are intended for debugging and modification of a firmware. They significantly lower security of your device while active and even could softbrick it. You've been warned. ADB Root Magisk Module...
forum.xda-developers.com
Thanks
Related
At first I thought it was maybe because I didnt'nt have enough free space on my sd card so I made sure I had 3GB's free but I still got this when I clicked install:
[13:04:26] Updating configuration file ... done
[13:04:27] >>> begin: install
[13:04:27] Checking mount points ... done
[13:04:27] Checking installation path ... done
[13:04:27] Making new disk image (512 MB) ... fail
[13:04:27] <<< end: install
And this when I try to reconfigure:
[13:02:49] Updating configuration file ... done
[13:02:50] >>> begin: configure
[13:02:50] Mounting partitions:
[13:02:50] / ... fail
[13:02:50] <<< end: configure
When I check my root stutus I get this message:
Congratulations! You have root access!
Super User Application Status:
SuperSU application by Chainfire - version 2.36 - is installed!
System File Properties for Root Access:
Standard Location
Check Command: ls -l /system/bin/su:
Result: /system/bin/su: No such file or directory
Analysis: File /system/bin/su does not exist.
Standard Location
Check Command: ls -l /system/xbin/su:
Result: -rwxr-xr-x root root 71264 2014-11-30 16:22 su
Analysis: Root access IS correctly configured for this file! Executing this file can grant root access! Root user ownership is present and setuid attribute is not present.
Alternative Location
Check Command: ls -l /sbin/su:
Result: /sbin/su: Permission denied
Analysis: File system permissions restricted and denied access.
Alternative Location
Check Command: ls -l /system/xbin/sudo:
Result: /system/xbin/sudo: No such file or directory
Analysis: File /system/xbin/sudo does not exist.
Root User ID and Group ID Status:
Root user id:
uid=0(root)
Root group id:
gid=0(root)
System Environment PATH: /sbin /vendor/bin /system/sbin /system/bin /system/xbin
ADB Shell Default User:
ADB shell setting for standard access, stored in default.prop, is configured as: shell (non root) user - ro.secure=1
Results provided on your SM-T800 - Android 4.4.2 device by Root Checker Pro version 1.3.9 from joeykrim in the Android Market
Can anybody tell me why I get this fail message after clicking install?i
Please help
Thank You
AO!
Same issue
Im currently having the same issue with trying to install kali on my tab s. Have root and even sd formated to ext4 but still issues .
Check your SE(Linux) status on Settings / About Device. If it says Enforcing then this is the cause of the problem.
You need to change it to permissive, but you can't do it on a stock rom. You need a kernel with permissive mode
enable or a custom rom with a permissive kernel.
Good Luck
eupeso4 is wrong. You don't need a different kernel. There is an app called SELinuxModeChanger... It works charms
I've attached the app below.
soulcrusher101 said:
eupeso4 is wrong. You don't need a different kernel. There is an app called SELinuxModeChanger... It works charms
I've attached the app below.
Click to expand...
Click to collapse
Also, go to terminal emulator after this.
Code:
su
getenforce
If you get "Enforcing" as a response, it's FUBAR. you can try to run the command "setenforce 0" as su as a workaround but if the app didn't work, it won't likely work either.
Molikai1988 said:
Also, go to terminal emulator after this.
Code:
su
getenforce
If you get "Enforcing" as a response, it's FUBAR. you can try to run the command "setenforce 0" as su as a workaround but if the app didn't work, it won't likely work either.
Click to expand...
Click to collapse
Okay i got enforcing. my deviceis SC-04E thats is S4 (docomo). i want to set SE Linux to premissive tell me the solution
soulcrusher101 said:
eupeso4 is wrong. You don't need a different kernel. There is an app called SELinuxModeChanger... It works charms
I've attached the app below.
Click to expand...
Click to collapse
Doesn't work on stock kernels.
I tried everything. But it doesn't work even after changing the SELinux to permissive., But after searching a lot, I found a thread which said me to change the partition to ext2. I changed the partition and then it all worked like charm.., If you still have issues, follow the guide in this link from start to end-https://github.com/meefik/linuxdeploy/issues/183, This solved most of the issues I had..
Linux Deploy Mounting Partitions Fail
Bro problem solved by me..
Check out this video
https://youtu.be/n5opus76c3k
Hi, I can't really set SELinux Permissive on boot.
I can only set SELinux Permissive from Terminal using this code:
Code:
su
mount -o remount,rw /system
mkdir /system/su.d
echo "#!/system/bin/sh" > /system/su.d/permissive.sh
echo "setenforce 0" > /system/su.d/permissive.sh
echo "0" > /sys/fs/selinux/enforce
chmod 755 /system/su.d/permissive.sh
but after a reboot it returns in Enforcing mode.
I find and tried other codes around, tried scripts for init.d, Kernel Adiutor's Plungin with active SuperSu on Boot, but nothing.
I have OOS 3.2.1, System Xposed v.86, System Root.
For me, SELinux is Permissive by default. Try setenforce 0 (or 1 i don't remember) and then getenforce. It should print Permissive. Hope i helped!
_MartyMan_ said:
For me, SELinux is Permissive by default. Try setenforce 0 (or 1 i don't remember) and then getenforce. It should print Permissive. Hope i helped!
Click to expand...
Click to collapse
Thanks, but it is not working
https://forums.oneplus.net/threads/how-to-selinux-permissive.314120/
After too many research i found that the kernel (boot image) we have in our device (Moto E4 Mediatek) is a faulty boot image.
It can't mount /system, /cache, / rootfs, /oem and all other partitions in Read-write (RW) state during boot,
they always stay in Read-only (RO) state. only /data (data partition) can be mounted as RW (Read-writeable).
Due to this supersu, magisk and init.d won't work in our device.
phh's superuser only patch boot image and without its superuser app you can't get "su" permissions.
but it is the only method to get root on this device :fingers-crossed:
if you put these simple commands in init.rc they won't execute on boot
Command :
PHP:
mkdir /system/etc/init.d
PHP:
service sysinit /system/bin/sysinit
oneshot
PHP:
on property: sys.boot_completed=1
service sysinit /system/bin/sysinit
oneshot
PHP:
start sysinit
service sysinit /system/bin/sysinit
class late_start
user root
group root
oneshot
disabled
i didn't face such type of problem in my previous Marshmallow running device.
Moto E4 Mediatek
Mounting cifs filesystem is a mandatory feature for my needs. I searched some howto about mounting cifs filesystem on a lineage 14.1 OS and didn't find any solution. I've digged the issue and found out a solution without switching selinux to permissive mode. My device is a tablet samsung tab S.
You need to install some additional pieces of software :
. The su command to get root. Following commands require root.
https://download.lineageos.org/extras
. The busybox suite
https://forum.xda-developers.com/android/software-hacking/tool-busybox-flashable-archs-t3348543
You need this software because the mount command of the lineage toolbox (toybox) doesn't support network filesystems.
. The setools-android with sepolicy-inject
https://forum.xda-developers.com/android/software/setools-android-sepolicy-inject-t2977563
Extract the zip file in /data/setools.
When cifs trys to reconnect on a share, it fails with this avc denied :
Code:
<36>[ 1055.524752] [L1: logd.auditd: 2431] type=1400 audit(1511819085.871:227): avc: denied { net_raw } for pid=6208 comm="cifsd" capability=13 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
So, you must inject the missing policy which prevent cifsd to well functionning. To inject the allow rule, type :
Code:
/data/setools/sepolicy-inject -s kernel -t kernel -c capability -p net_raw -l
. Finally, mount your remote filesystem with the busybox mount command, and you are done !
Code:
DIR=myshare
[ -d /mnt/cifs/$DIR ] || mkdir -p /mnt/cifs/$DIR
/system/xbin/mount -t cifs -o ro,username=xxxx,password=yyyyy,iocharset=utf8,noperm,file_mode=0777,dir_mode=0777,context=u:object_r:sdcardfs:s0 //10.0.1.1/$DIR /mnt/cifs/$DIR
Thank you hmelg, I am having Lienage os 15.1 installed with su addon on samsung galaxy grand prime.If I install the busybox as per your thread above, does it conflict/impact existing lineage tool box in any way ?
must re build kernel ,add nfs
To further ressurrect a dead thread...
I can get my folders to mount where I want them, but only other root enabled apps can see those files. Regular userspace apps see an empty folder at the mount point. Is there a modern solution to this problem? Everything I've found on the internet so far leads me back to that exact same situation.
TWRP compiled from the latest omnirom 9.0 branch with support for Android Pie (9) and its encryption/decryption (backward compatible with older Android versions).
Tested:
Decrypting Pie data partition (with pattern) - Works
Flashing a zip file - Works
MTP - Works
Nandroid backup/restore - Works
Everything else works fine, but use on your own risk!
The build IS UNIFIED (for OP5 and 5T, based on the blu_spark device tree).
This TWRP is treble compatible!
Download:
https://www.androidfilehost.com/?w=files&flid=281621
Source code:
https://github.com/engstk/android_device_oneplus_cheeseburger
https://github.com/omnirom/android_bootable_recovery
Credits: @eng.stk @Dees_Troy
And the whole TWRP/Omnirom team
It works great, thank you!
Mirrors here! (including themed, un-unthemed, treble and non-treble versions)
Thanks. It works.
Hey, quick question, i'm on DU (8.1) and my device says "Device is decrypted" , does this mean i don't have to wipe data in order to flash a 9.0 ROM? Thanks in advance!
Fechinator said:
Hey, quick question, i'm on DU (8.1) and my device says "Device is decrypted" , does this mean i don't have to wipe data in order to flash a 9.0 ROM? Thanks in advance!
Click to expand...
Click to collapse
A data wipe is always recommended while switching between major Android versions to avoid running into issues, minor or major.
I can't use twrp since it can't recognize my password
can this build fix this problem ??
Works perfectly just like your Roms
Thank you very much
the link to download doesn't work!
Sent from my [device_name] using XDA-Developers Legacy app
sharaq said:
the link to download doesn't work![/url]
Click to expand...
Click to collapse
Issue is definitely at your end. I just tested downloading and it went fine. It's an AndroidFileHost folder link.
Works good. Tested on crDroid Pie.
Thank you for this.
Seems Afh is having some issue here too.
Sent from my ONEPLUS A5000 using Tapatalk
Tried again, working now. ( ಠ◡ಠ )
I have an encrypted device, i want to stay encrypted after installing pie ROMs, is this recovery keep my device encrypted or it will remove the encryption? Need some guidance
Alipk52 said:
I have an encrypted device, i want to stay encrypted after installing pie ROMs, is this recovery keep my device encrypted or it will remove the encryption? Need some guidance
Click to expand...
Click to collapse
You will remain encrypted if the ROM supports encryption but this recovery is experimental according to the title
Aroma OpenGApps 9.0 arm64 breaks when starting to install. On Oneplus 5, Lineage OS 16.0 experimental by codeworkx.
Works for me using pixen2 rom !
siankatabg said:
TWRP compiled from the latest omnirom 9.0 branch with support for decrypting the Android Pie (9) encryption (backward compatible with older Android versions).
Tested:
Decrypting Pie data partition (with pattern) - Works
Flashing a zip file - Works
MTP - Works
Nandroid backup/restore - Works
All else should work fine, but the whole recovery is experimental, so use on your own risk!
The build should be unified (for OP5 and 5T, based on the blu_spark device tree), but it was tested only on Oneplus 5! This TWRP is treble compatible.
Download:
https://www.androidfilehost.com/?w=files&flid=281621
Source code:
https://github.com/engstk/android_device_oneplus_cheeseburger
https://github.com/omnirom/android_bootable_recovery
Credits: @[email protected]_Troy
And the whole TWRP/Omnirom team
Click to expand...
Click to collapse
Working perfect on PixEn2 9.0
Tried this recovery out with Oxygen OS 8.1 Beta 19, magisk 17.2 beta. When I go to recovery -> Backup -> Select everything and try to make a backup, everything goes fine until the very last minute, when the "createTarFork() process ended with ERROR: 255" error pops up followed by "Backup Failed. Cleaning Backup Folder.". Here is the last few lines from the recovery.log for reference.
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.apps.messaging/1538020684432.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.apps.messaging/1538020684442.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.apps.messaging/1538020684447.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.dialer' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
found policy '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.dialer' - '1CE0' - '0cbd0fc0ceed9bb2'
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.dialer/1537817225643.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.dialer/1537817225646.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.dialer/1537817225650.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.contacts' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
found policy '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.contacts' - '1CE0' - '0cbd0fc0ceed9bb2'
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.contacts/1537954281562.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.contacts/1537954281602.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/shortcut_service/bitmaps/com.google.android.contacts/1537954281623.png' including root: 1
==> set selinux context: ubject_r:shortcut_manager_icons:s0
I:addFile '/data/system_ce/0/recent_images' including root: 1
==> set selinux context: ubject_r:system_data_file:s0
found policy '/data/system_ce/0/recent_images' - '1CE0' - '0cbd0fc0ceed9bb2'
I:addFile '/data/system_ce/999' including root: 1
==> set selinux context: ubject_r:system_data_file:s0
failed to lookup tar policy for '/data/system_ce/999' - '2507fb304b76812a'
I:Error adding file '/data/system_ce/999' to '/data/media/0/TWRP/BACKUPS/33e1533a/2018-09-27--09-49-58/data.ext4.win010'
Error creating backup.
I:ERROR tarList for thread ID 0
Error creating backup.
I:InfoManager saving '/data/media/0/TWRP/BACKUPS/33e1533a/2018-09-27--09-49-58/data.info'
createTarFork() process ended with ERROR: 255
Backup Failed. Cleaning Backup Folder.
I:Copying file /tmp/recovery.log to /data/media/0/TWRP/BACKUPS/33e1533a/2018-09-27--09-49-58/recovery.log
Click to expand...
Click to collapse
Any help in identifying and sorting this out is greatly appreciated. I would like to install the Pixen Pie and would like to take a full backup before proceeding.
Hi Im new here,
the swap button order missing
edited: and also sim card on off
srikaran said:
Tried this recovery out with Oxygen OS 8.1 Beta 19, magisk 17.2 beta. When I go to recovery -> Backup -> Select everything and try to make a backup, everything goes fine until the very last minute, when the "createTarFork() process ended with ERROR: 255" error pops up followed by "Backup Failed. Cleaning Backup Folder.". Here is the last few lines from the recovery.log for reference.
Any help in identifying and sorting this out is greatly appreciated. I would like to install the Pixen Pie and would like to take a full backup before proceeding.
Click to expand...
Click to collapse
After waiting and further searching and all, I came to know that deleting the so called 999 folders does the trick where it lets you backup in twrp. So, I created a del999.sh script with the following commands in it
Code:
rm -rf /data/system/999
rm -rf /data/system_ce/999
rm -rf /data/system_de/999
rm -rf /data/misc/999
rm -rf /data/misc_ce/999
rm -rf /data/misc_de/999
rm -rf /data/user/999
rm -rf /data/user_ce/999
rm -rf /data/user_de/999
In twrp, I navigated to Advanced - Terminal. In there, typed the following commands
Code:
cd sdcard
chmod +x del999.sh
./del999.sh
After this navigating to twrp and back up works just fine.
To restore however, the same steps worked for the most part. However, I had to do a factory reset first, followed by a reboot to recovery followed by del999 and then restore worked. Trying to boot into the system now, fingers crossed, hopefully everything will work as expected.