After building my own boot image for the Android 6 based Razer Forge TV and patching adb to allow root, I noticed that I still cannot access the /data directory:
root@pearlyn:/ # ls -l /data
opendir failed, Permission denied
root@pearlyn:/ # id
uid=0(root) gid=0(root) groups=0(root),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
adb logcat showed the following:
10-01 17:30:23.079 2427 2427 W sh : type=1400 audit(0.0:30): avc: denied { dac_override } for capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
So the problem is that despite being root, my SELinux context u:r:shell:s0 prevents me from doing all the things I want to.
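To read denials like this one systematically, the following added example (not part of the original post) parses AVC lines from logcat output and groups the denied permissions by source context, target context and class. The function names are my own, the first sample line is the one from the post, and the other two are constructed.

```python
import re
from collections import defaultdict

# Matches the kernel audit record that logcat relays for an SELinux denial.
AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)$")
# key=value pairs after "for"; values may be double-quoted (e.g. name="data").
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict of fields for one AVC denial line, or None if it is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    fields["perms"] = m.group("perms").split()
    # permissive=0: the access was blocked; permissive=1: it was only logged.
    fields["enforced"] = fields.get("permissive") == "0"
    return fields

def summarize(lines):
    """Group denials as (scontext, tcontext, tclass) -> set of denied permissions."""
    summary = defaultdict(set)
    for line in lines:
        d = parse_avc(line)
        if d:
            key = (d.get("scontext"), d.get("tcontext"), d.get("tclass"))
            summary[key].update(d["perms"])
    return dict(summary)

SAMPLE = [
    # Line quoted in the post.
    "10-01 17:30:23.079 2427 2427 W sh : type=1400 audit(0.0:30): avc: denied "
    "{ dac_override } for capability=1 scontext=u:r:shell:s0 "
    "tcontext=u:r:shell:s0 tclass=capability permissive=0",
    # Constructed line: a directory read denied for the same domain.
    "10-01 17:30:25.101 2431 2431 W ls : type=1400 audit(0.0:31): avc: denied "
    '{ read open } for name="data" scontext=u:r:shell:s0 '
    "tcontext=u:object_r:system_data_file:s0 tclass=dir permissive=0",
    # Constructed line: not an AVC record, must be ignored.
    "10-01 17:30:26.000 2431 2431 I ls : unrelated message",
]

if __name__ == "__main__":
    for (src, tgt, cls), perms in summarize(SAMPLE).items():
        print(f"{src} -> {tgt} [{cls}]: {' '.join(sorted(perms))}")
```

For the line from the post this reports that the shell domain was denied dac_override on its own capability class, with enforcement active.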
Disabling SELinux
You can check if SELinux is enabled with getenforce:
root@pearlyn:/ # getenforce
Enforcing
I tried different things to disable SELinux, but all of them failed:
- Modify kernel cmdline parameter in the boot image to disable SELinux:
  enforcing=0 androidboot.selinux=permissive
- Disable SELinux in adb shell:
  setenforce permissive
  Adding this to the boot image's init.rc did not help either.
- Disable some SELinux-specific commands in the boot image's init.rc:
  setprop selinux.reload_policy 1
  restorecon_recursive /data
- Give adbd root capabilities in init.rc by changing u:r:adbd:s0 to u:r:su:s0:
  service adbd /sbin/adbd --root_seclabel=u:r:su:s0
      seclabel u:r:su:s0
  In this case, I could not connect via adb anymore ("connection refused"), which means adbd could not start.
I could not access /data whatever I did.
User mode
Then I found out that SELinux cannot be disabled in user mode firmware builds! The Android documentation states:
SELinux enforcement can be disabled via ADB on userdebug or eng builds. To do so, first switch ADB to root by running adb root. Then, to disable SELinux enforcement, run:
adb shell setenforce 0
The Razer Forge TV firmware M-144 is a user build, though:
root@pearlyn:/ # getprop ro.build.type
user
There is no way to disable SELinux on user builds unless you build your own kernel and probably the SELinux library.