在Android 6.0中,我试图sample
在/ data分区的文件夹中创建一个空文件:/data/sample/emptyfile
。
该代码是从安装在以下库中的库运行的 /external
File file = new File(/data/sample/emptyfile);
try {
file.createNewFile();
} catch (IOException e) {
e.printStackTrace();
}
我已经sample
在源上为文件夹分配了适当的权限/system/core/libcutils/fs_config.c
我尝试添加以下代码变体:
/* Rules for directories.
** These rules are applied based on "first match", so they
** should start with the most specific path and work their
** way up to the root.
*/
static const struct fs_path_config android_dirs[] = {
{ 00777, AID_ROOT, AID_ROOT, 0, "data/sample" },
{ 00770, AID_SYSTEM, AID_CACHE, 0, "cache" },
... etc.
并在:
/* Rules for files.
** These rules are applied based on "first match", so they
** should start with the most specific path and work their
** way up to the root. Prefixes ending in * denotes wildcard
** and will allow partial matches.
*/
static const char conf_dir[] = "/system/etc/fs_config_dirs";
static const char conf_file[] = "/system/etc/fs_config_files";
static const struct fs_path_config android_files[] = {
{ 00777, AID_ROOT, AID_ROOT, 0, "data/sample/*" },
{ 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.rc" },
... etc.
我试图同时使用AID_ROOT, AID_ROOT
和AID_SYSTEM, AID_SYSTEM
该文件夹sample
在编译时已成功创建,并且权限为:drw-rw-rw-
根据文件浏览器(即使我分配了777,也没有执行权限)。
不过,当尝试创建文件时,logcat会打印:
02-27 17:33:30.097: W/System.err(1939): java.io.IOException: open failed: EACCES (Permission denied)
02-27 17:33:30.097: W/System.err(1939): at java.io.File.createNewFile(File.java:939)
02-27 17:33:30.097: W/System.err(1939): at com.android.incallui.InCallPresenter (...)
02-27 17:33:30.097: W/System.err(1939): at com.android.incallui.CallList.notifyGenericListeners(CallList.java:541)
02-27 17:33:30.097: W/System.err(1939): at com.android.incallui.CallList.onUpdate(CallList.java:188)
02-27 17:33:30.098: W/System.err(1939): at com.android.incallui.Call.update(Call.java:311)
02-27 17:33:30.098: W/System.err(1939): at com.android.incallui.Call.-wrap0(Call.java)
02-27 17:33:30.098: W/System.err(1939): at com.android.incallui.Call$1.onDetailsChanged(Call.java:208)
02-27 17:33:30.098: W/System.err(1939): at android.telecom.Call$4.run(Call.java:1156)
02-27 17:33:30.098: W/System.err(1939): at android.os.Handler.handleCallback(Handler.java:739)
02-27 17:33:30.098: W/System.err(1939): at android.os.Handler.dispatchMessage(Handler.java:95)
02-27 17:33:30.098: W/System.err(1939): at android.os.Looper.loop(Looper.java:148)
02-27 17:33:30.098: W/System.err(1939): at android.app.ActivityThread.main(ActivityThread.java:5417)
02-27 17:33:30.098: W/System.err(1939): at java.lang.reflect.Method.invoke(Native Method)
02-27 17:33:30.098: W/System.err(1939): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
02-27 17:33:30.098: W/System.err(1939): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
02-27 17:33:30.098: W/System.err(1939): Caused by: android.system.ErrnoException: open failed: EACCES (Permission denied)
02-27 17:33:30.098: W/System.err(1939): at libcore.io.Posix.open(Native Method)
02-27 17:33:30.098: W/System.err(1939): at libcore.io.BlockGuardOs.open(BlockGuardOs.java:186)
02-27 17:33:30.098: W/System.err(1939): at java.io.File.createNewFile(File.java:932)
02-27 17:33:30.098: W/System.err(1939): ... 16 more
仅仅因为您在Android中具有DAC(rwx)权限,并不意味着您具有相应的SELinux权限。由于您正在获取EACCES,并且如果您的文件确实是777,我想您是在试图访问SELinux时遭到SELinux拒绝。如果您拒绝Logcat或dmesg,则应该进行avc拒绝。
可能在AOSP中某处设置了防护措施,以防止世界可写或世界可读的目录或文件。尝试将权限降低到合理的水平,例如目录为00771,文件为00644。
无论如何,使文件在世界范围内可读或可写是一个可怕的,通常是不必要的想法。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句