Lines Matching full:selinux
1 page.title=Validating SELinux
27 <p>Android strongly encourages OEMs to test their SELinux implementations
28 thoroughly. As manufacturers implement SELinux, they should apply the new
31 <p>Once applied, make sure SELinux is running in the correct mode on the device by
34 <p>This will print the global SELinux mode: either Disabled, Enforcing, or
35 Permissive. Please note, this command shows only the global SELinux mode. To
36 determine the SELinux mode for each domain, you must examine the corresponding
42 SELinux output to dmesg on these devices and refine settings prior to public
43 release in permissive mode and eventual switch to enforcing mode. SELinux log
49 components are in violation of SELinux policy. Manufacturers can then repair
50 this bad behavior, either by changes to the software, SELinux policy, or both.</p>
100 <p>To turn a device?s SELinux enforcement into globally permissive via ADB, as
110 androidboot.selinux=permissive
111 androidboot.selinux=disabled
112 androidboot.selinux=enforcing
117 <p>The <code>selinux/policycoreutils/audit2allow</code> tool takes <code>dmesg</code> denials and converts them into corresponding SELinux policy statements. As
118 such, it can greatly speed SELinux development. To install it, run:</p>
131 overreaching permissions. For example, feeding audit2allow the <code>rmt_storage</code> denial shown earlier results in the following suggested SELinux policy
