On a rooted Android 6.0.1 device, I would like to have a tmpfs writable by the user. I do:
mkdir /sdcard/test
su
mount -t tmpfs -o size=512m tmpfs /sdcard/test
#Note that the permissions of /sdcard/test have changed
chmod 0771 /sdcard/test
chown root:sdcard_rw /sdcard/test
exit
touch /sdcard/test/aa
mount reports:
tmpfs /storage/emulated/0/test tmpfs rw,seclabel,relatime,size=524288k 0 0
But I get:
touch: '/sdcard/test/aa': Permission denied
So I can't write to /sdcard/test as the standard user (through shell or an application). What am I doing wrong? I have also tried to create the mount in /data/ and it's the same problem.
EDIT 1:
I have tried on an Android 4.4 device and it's working. So, something has changed and has been restricted on a later version. I'm wondering if 5.x is impacted too.
EDIT 2:
Strangely, mount reports the mount point twice:
tmpfs /mnt/runtime/default/emulated/0/test tmpfs rw,seclabel,relatime,size=524288k 0 0
tmpfs /storage/emulated/0/test tmpfs rw,seclabel,relatime,size=524288k 0 0
EDIT 3:
When I do the file touch as a user, the kernel reports the following:
[54484.588865] type=1400 audit(1452975001.917:150): avc: denied { write } for pid=30781 comm="touch" name="/" dev="tmpfs" ino=398770 scontext=u:r:shell:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
"su -c setenforce 0" fixes the problem. See https://source.android.com/security/selinux/validate.html