init warning: Service myservice needs a SELinux domain defined. Please fix

Question

I want to excute an executable on boot On a target board with Android 5.1 so I add this in init.rc:

on boot
    start myservice

service myservice /system/bin/myservice
    #class main
    user root
    group root
    #oneshot   

I did the unpack and repack job.
When changes are made, however, the screen keeps printing:

 init warning: Service myservice needs a SELinux domain defined. Please fix.
 type=1400 ... avc:denied ... scontext ... tcontext ... #some annoying warning messages like this

SELinux seems a huge project for me. I just want to avoid that. I tried two approaches:

1. setenv kernelargs 'console=ttyS0,115200n8 rootdelay=1 selinux=0' and saveenv
2. set enforce 0

For method 1, printenv gives the result:

kernelargs=console=ttyS0,115200n8 rootdelay=1 selinux=0

So you see, changes have been made. But the warning messages keeps printing after rebooting.
For method 2, it says:

Could not set enforce status. Permission denied.

So now I'm trapped in the dilema have no idea where to go. My questions:

• 1. Anyone knows how to disable or set permissive mode in android?
• 2. Which files should I modify if I want to define domain for the new service?

Besides, ls -Z /system/bin/myservice gives this:

u:object_r:system_file:s0

Answer 1

1. you need su to set permissive mode. Or you need source code to disable SELinux, such as disable SELinux in kernel config, or disable SELinux in BOARD_KERNEL_CMDLINE in device/vendor_name/product_name/BoardConfig.mk.

2. if you have the source code, you can define the new domain as you wish.

Please refer to the Android official documents: https://source.android.com/security/selinux/device-policy

section: Label new services and address denials