I have an app that connects to my socket server running within mediaserver (in my audio HAL)
SElinux throws this log when connecting (from dmesg):
[ 251.022149] type=1400 audit(1491810054.932:24): avc: denied { connectto } for pid=9065 comm="com.gps.app1" path=0073727663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:r:mediaserver:s0 tclass=unix_stream_socket permissive=1
I tried feeding it to audit2allow to get te file, but it returns a blank rule:
gps@gps-HP-ProBook-4540s:~$ audit2allow -i ~/gps-ott/selinux/denied.txt -m appcon
module appcon 1.0;
gps@gps-HP-ProBook-4540s:~$
Can someone point me to what I did wrong, or what te file could be used to allow this connection?
Did you supply the compiled sepolicy from 'out'? You should.
audit2allow -p ./out/target/product/<your-device>/root/sepolicy