I want to set the SELinux (Security Enhanced Linux) mode to Permissive or (0) on android 4.4.4 (and above if possible). I use the following command: setenforce 0, setenforce permissive and setenforce Permissive under root (my device is rooted). But the output of getenforce is always Enforcing. Now I am exhausted with this problem.
Can any one give me a solution? Thanks in advance.
Apparently Google has removed the CONFIG_SECURITY_SELINUX_DEVELOP kernel flag from many of their Stock kernels. Thus the standard trick mentioned by William (below) probably doesn't work. An example of these devices is the Samsung Note 4 (SM-N910F) running AOS 4.4.4.
The link above states:
CONFIG_SECURITY_SELINUX_DEVELOP aka global permissive mode, is useful for when you are first developing device-specific policy for a board (add 'androidboot.selinux=permissive' to BOARD_KERNEL_CMDLINE). It also permits transient setenforce 0 in -userdebug or -eng builds, which can be helpful for developers.
If the bootloader is locked, then you can't modify the kernel cmdline
"Also, the code in the init program for processing the
androidboot.selinux= option is only compiled in -userdebug and -eng builds, so even aside from bootloader locking, you cannot use
androidboot.selinux=permissive on a -user build."
The way to check what build type you have is:
$ getprop ro.build.type
user