我想运行 ps 命令来查找系统中正在运行的进程数。但是我在 M 中违反了 SElinux
private int read_procs() {
int nProcs = 0;
String line = null;
// "ps" output
try {
Process p = Runtime.getRuntime().exec("ps");
BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));
if (in == null) {
mLog.e("cmd output _in_ is null");
return 1;
}
while ((line = in.readLine()) != null) {
nProcs++;
}
in.close();
mLog.i("Processes :" + (nProcs-1));
} catch (Exception e) {
e.printStackTrace();
}
return nProcs;
}
如何设置策略以允许“ps”命令访问:
avc: denied { getattr } for path="/proc/2" dev="proc" ino=9461 scontext=u:r:system_app:s0 tcontext=u:r:kernel:s0 tclass=dir permissive=0 ppid=3853 pcomm="Thread-52" tgid=3761 tgcomm="test:app"
谢谢
最佳答案
我通过添加如下规则解决了这个问题
allow [source context] [target context object]:[type] [permission needed];
allow system_app kernel:dir getattr;
-
关于android - 从 APP 运行 "ps"命令的 SELinux 策略,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35265039/