Better Mobile App

curl: (3) <url> malformed <<installing repo error>>

while trying to install repo and running cmd
$ curl http://android.git.kernel.org/repo >~/bin/repo
i get the following error.
Code:
import optparse
import os
import re
import readline
import subprocess
import sys
home_dot_repo = os.path.expanduser('~/.repoconfig')
gpg_dir = os.path.join(home_dot_repo, 'gnupg')
extra_args = []
init_optparse = optparse.OptionParser(usage="repo init -u url [options]")
# Logging
group = init_optparse.add_option_group('Logging options')
group.add_option('-q', '--quiet',
dest="quiet", action="store_true", default=False,
help="be quiet")
# Manifest
group = init_optparse.add_option_group('Manifest options')
group.add_option('-u', '--manifest-url',
dest='manifest_url',
help='manifest repository location', metavar='URL')
group.add_option('-o', '--origin',
dest='manifest_origin',
help="use REMOTE instead of 'origin' to track upstream",
metavar='REMOTE')
group.add_option('-b', '--manifest-branch',
dest='manifest_branch',
help='manifest branch or revision', metavar='REVISION')
group.add_option('-m', '--manifest-name',
dest='manifest_name',
help='initial manifest file (deprecated)',
metavar='NAME.xml')
group.add_option('--mirror',
dest='mirror', action='store_true',
help='mirror the forrest')
# Tool
group = init_optparse.add_option_group('repo Version options')
group.add_option('--repo-url',
dest='repo_url',
help='repo repository location', metavar='URL')
group.add_option('--repo-branch',
dest='repo_branch',
help='repo branch or revision', metavar='REVISION')
group.add_option('--no-repo-verify',
dest='no_repo_verify', action='store_true',
help='do not verify repo source code')
class CloneFailure(Exception):
"""Indicate the remote clone of repo itself failed.
"""
def _Init(args):
"""Installs repo by cloning it over the network.
"""
opt, args = init_optparse.parse_args(args)
if args or not opt.manifest_url:
init_optparse.print_usage()
sys.exit(1)
url = opt.repo_url
if not url:
url = REPO_URL
extra_args.append('--repo-url=%s' % url)
branch = opt.repo_branch
if not branch:
branch = REPO_REV
extra_args.append('--repo-branch=%s' % branch)
if branch.startswith('refs/heads/'):
branch = branch[len('refs/heads/'):]
if branch.startswith('refs/'):
print >>sys.stderr, "fatal: invalid branch name '%s'" % branch
raise CloneFailure()
if not os.path.isdir(repodir):
try:
os.mkdir(repodir)
except OSError, e:
print >>sys.stderr, \
'fatal: cannot make %s directory: %s' % (
repodir, e.strerror)
# Don't faise CloneFailure; that would delete the
# name. Instead exit immediately.
#
sys.exit(1)
_CheckGitVersion()
try:
if _NeedSetupGnuPG():
can_verify = _SetupGnuPG(opt.quiet)
else:
can_verify = True
if not opt.quiet:
print >>sys.stderr, 'Getting repo ...'
print >>sys.stderr, ' from %s' % url
dst = os.path.abspath(os.path.join(repodir, S_repo))
_Clone(url, dst, opt.quiet)
if can_verify and not opt.no_repo_verify:
rev = _Verify(dst, branch, opt.quiet)
else:
rev = 'refs/remotes/origin/%s^0' % branch
_Checkout(dst, branch, rev, opt.quiet)
except CloneFailure:
if opt.quiet:
print >>sys.stderr, \
'fatal: repo init failed; run without --quiet to see why'
raise
def _CheckGitVersion():
cmd = [GIT, '--version']
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE)
ver_str = proc.stdout.read().strip()
proc.stdout.close()
proc.wait()
if not ver_str.startswith('git version '):
print >>sys.stderr, 'error: "%s" unsupported' % ver_str
raise CloneFailure()
ver_str = ver_str[len('git version '):].strip()
ver_act = tuple(map(lambda x: int(x), ver_str.split('.')[0:3]))
if ver_act < MIN_GIT_VERSION:
need = '.'.join(map(lambda x: str(x), MIN_GIT_VERSION))
print >>sys.stderr, 'fatal: git %s or later required' % need
raise CloneFailure()
def _NeedSetupGnuPG():
if not os.path.isdir(home_dot_repo):
return True
kv = os.path.join(home_dot_repo, 'keyring-version')
if not os.path.exists(kv):
return True
kv = open(kv).read()
if not kv:
return True
kv = tuple(map(lambda x: int(x), kv.split('.')))
if kv < KEYRING_VERSION:
return True
return False
def _SetupGnuPG(quiet):
if not os.path.isdir(home_dot_repo):
try:
os.mkdir(home_dot_repo)
except OSError, e:
print >>sys.stderr, \
'fatal: cannot make %s directory: %s' % (
home_dot_repo, e.strerror)
sys.exit(1)
if not os.path.isdir(gpg_dir):
try:
os.mkdir(gpg_dir, 0700)
except OSError, e:
print >>sys.stderr, \
'fatal: cannot make %s directory: %s' % (
gpg_dir, e.strerror)
sys.exit(1)
env = dict(os.environ)
env['GNUPGHOME'] = gpg_dir
cmd = ['gpg', '--import']
try:
proc = subprocess.Popen(cmd,
env = env,
stdin = subprocess.PIPE)
except OSError, e:
if not quiet:
print >>sys.stderr, 'warning: gpg (GnuPG) is not available.'
print >>sys.stderr, 'warning: Installing it is strongly encouraged.'
print >>sys.stderr
return False
proc.stdin.write(MAINTAINER_KEYS)
proc.stdin.close()
if proc.wait() != 0:
print >>sys.stderr, 'fatal: registering repo maintainer keys failed'
sys.exit(1)
print
fd = open(os.path.join(home_dot_repo, 'keyring-version'), 'w')
fd.write('.'.join(map(lambda x: str(x), KEYRING_VERSION)) + '\n')
fd.close()
return True
def _SetConfig(local, name, value):
"""Set a git configuration option to the specified value.
"""
cmd = [GIT, 'config', name, value]
if subprocess.Popen(cmd, cwd = local).wait() != 0:
raise CloneFailure()
def _Fetch(local, quiet, *args):
cmd = [GIT, 'fetch']
if quiet:
cmd.append('--quiet')
err = subprocess.PIPE
else:
err = None
cmd.extend(args)
cmd.append('origin')
proc = subprocess.Popen(cmd, cwd = local, stderr = err)
if err:
proc.stderr.read()
proc.stderr.close()
if proc.wait() != 0:
raise CloneFailure()
def _Clone(url, local, quiet):
"""Clones a git repository to a new subdirectory of repodir
"""
try:
os.mkdir(local)
except OSError, e:
print >>sys.stderr, \
'fatal: cannot make %s directory: %s' \
% (local, e.strerror)
raise CloneFailure()
cmd = [GIT, 'init', '--quiet']
try:
proc = subprocess.Popen(cmd, cwd = local)
except OSError, e:
print >>sys.stderr
print >>sys.stderr, "fatal: '%s' is not available" % GIT
print >>sys.stderr, 'fatal: %s' % e
print >>sys.stderr
print >>sys.stderr, 'Please make sure %s is installed'\
' and in your path.' % GIT
raise CloneFailure()
if proc.wait() != 0:
print >>sys.stderr, 'fatal: could not create %s' % local
raise CloneFailure()
_SetConfig(local, 'remote.origin.url', url)
_SetConfig(local, 'remote.origin.fetch',
'+refs/heads/*:refs/remotes/origin/*')
_Fetch(local, quiet)
_Fetch(local, quiet, '--tags')
def _Verify(cwd, branch, quiet):
"""Verify the branch has been signed by a tag.
"""
cmd = [GIT, 'describe', 'origin/%s' % branch]
proc = subprocess.Popen(cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
cwd = cwd)
cur = proc.stdout.read().strip()
proc.stdout.close()
proc.stderr.read()
proc.stderr.close()
if proc.wait() != 0 or not cur:
print >>sys.stderr
print >>sys.stderr,\
"fatal: branch '%s' has not been signed" \
% branch
raise CloneFailure()
m = re.compile(r'^(.*)-[0-9]{1,}-g[0-9a-f]{1,}$').match(cur)
if m:
cur = m.group(1)
if not quiet:
print >>sys.stderr
print >>sys.stderr, \
"info: Ignoring branch '%s'; using tagged release '%s'" \
% (branch, cur)
print >>sys.stderr
env = dict(os.environ)
env['GNUPGHOME'] = gpg_dir
cmd = [GIT, 'tag', '-v', cur]
proc = subprocess.Popen(cmd,
stdout = subprocess.PIPE,
stderr = subprocess.PIPE,
cwd = cwd,
env = env)
out = proc.stdout.read()
proc.stdout.close()
err = proc.stderr.read()
proc.stderr.close()
if proc.wait() != 0:
print >>sys.stderr
print >>sys.stderr, out
print >>sys.stderr, err
print >>sys.stderr
raise CloneFailure()
return '%s^0' % cur
def _Checkout(cwd, branch, rev, quiet):
"""Checkout an upstream branch into the repository and track it.
"""
cmd = [GIT, 'update-ref', 'refs/heads/default', rev]
if subprocess.Popen(cmd, cwd = cwd).wait() != 0:
raise CloneFailure()
_SetConfig(cwd, 'branch.default.remote', 'origin')
_SetConfig(cwd, 'branch.default.merge', 'refs/heads/%s' % branch)
cmd = [GIT, 'symbolic-ref', 'HEAD', 'refs/heads/default']
if subprocess.Popen(cmd, cwd = cwd).wait() != 0:
raise CloneFailure()
cmd = [GIT, 'read-tree', '--reset', '-u']
if not quiet:
cmd.append('-v')
cmd.append('HEAD')
if subprocess.Popen(cmd, cwd = cwd).wait() != 0:
raise CloneFailure()
def _FindRepo():
"""Look for a repo installation, starting at the current directory.
"""
dir = os.getcwd()
repo = None
while dir != '/' and not repo:
repo = os.path.join(dir, repodir, REPO_MAIN)
if not os.path.isfile(repo):
repo = None
dir = os.path.dirname(dir)
return (repo, os.path.join(dir, repodir))
class _Options:
help = False
def _ParseArguments(args):
cmd = None
opt = _Options()
arg = []
for i in xrange(0, len(args)):
a = args[i]
if a == '-h' or a == '--help':
opt.help = True
elif not a.startswith('-'):
cmd = a
arg = args[i + 1:]
break
return cmd, opt, arg
def _Usage():
print >>sys.stderr,\
"""usage: repo COMMAND [ARGS]
repo is not yet installed. Use "repo init" to install it here.
The most commonly used repo commands are:
init Install repo in the current working directory
help Display detailed help on a command
For access to the full online help, install repo ("repo init").
"""
sys.exit(1)
def _Help(args):
if args:
if args[0] == 'init':
init_optparse.print_help()
else:
print >>sys.stderr,\
"error: '%s' is not a bootstrap command.\n"\
' For access to online help, install repo ("repo init").'\
% args[0]
else:
_Usage()
sys.exit(1)
def _NotInstalled():
print >>sys.stderr,\
'error: repo is not installed. Use "repo init" to install it here.'
sys.exit(1)
def _NoCommands(cmd):
print >>sys.stderr,\
"""error: command '%s' requires repo to be installed first.
Use "repo init" to install it here.""" % cmd
sys.exit(1)
def _RunSelf(wrapper_path):
my_dir = os.path.dirname(wrapper_path)
my_main = os.path.join(my_dir, 'main.py')
my_git = os.path.join(my_dir, '.git')
if os.path.isfile(my_main) and os.path.isdir(my_git):
for name in ['git_config.py',
'project.py',
'subcmds']:
if not os.path.exists(os.path.join(my_dir, name)):
return None, None
return my_main, my_git
return None, None
def _SetDefaultsTo(gitdir):
global REPO_URL
global REPO_REV
REPO_URL = gitdir
proc = subprocess.Popen([GIT,
'--git-dir=%s' % gitdir,
'symbolic-ref',
'HEAD'],
stdout = subprocess.PIPE,
stderr = subprocess.PIPE)
REPO_REV = proc.stdout.read().strip()
proc.stdout.close()
proc.stderr.read()
proc.stderr.close()
if proc.wait() != 0:
print >>sys.stderr, 'fatal: %s has no current branch' % gitdir
sys.exit(1)
def main(orig_args):
main, dir = _FindRepo()
cmd, opt, args = _ParseArguments(orig_args)
wrapper_path = os.path.abspath(__file__)
my_main, my_git = _RunSelf(wrapper_path)
if not main:
if opt.help:
_Usage()
if cmd == 'help':
_Help(args)
if not cmd:
_NotInstalled()
if cmd == 'init':
if my_git:
_SetDefaultsTo(my_git)
try:
_Init(args)
except CloneFailure:
for root, dirs, files in os.walk(repodir, topdown=False):
for name in files:
os.remove(os.path.join(root, name))
for name in dirs:
os.rmdir(os.path.join(root, name))
os.rmdir(repodir)
sys.exit(1)
main, dir = _FindRepo()
else:
_NoCommands(cmd)
if my_main:
main = my_main
ver_str = '.'.join(map(lambda x: str(x), VERSION))
me = [main,
'--repo-dir=%s' % dir,
'--wrapper-version=%s' % ver_str,
'--wrapper-path=%s' % wrapper_path,
'--']
me.extend(orig_args)
me.extend(extra_args)
try:
os.execv(main, me)
except OSError, e:
print >>sys.stderr, "fatal: unable to start %s" % main
print >>sys.stderr, "fatal: %s" % e
sys.exit(148)
if __name__ == '__main__':
main(sys.argv[1:])
curl: (3) <url> malformed
Thoughts?

nm, got it..... thanks for all the quick help.
/sarcasm

I have the same issue. Could you please tell me what you've done to get rid of this error?
Thanks,

I just went to the url, copied the text into gedit(as root) and saved as repo.

[HELP][OREO 8.1.0] Error during Cmpilation

Hello,
I was compiling Lineage 15.1 for kenzo and had the following error during compilation.
[ 34% 33742/97054] build /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/FAKE/selinux_policy_intermediates/reqd_policy_mask.cil
/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy: loading policy configuration from /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/FAKE/selinux_policy_intermediates/reqd_policy_mask.conf
/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy: policy configuration loaded
/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy: writing CIL to /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/FAKE/selinux_policy_intermediates/reqd_policy_mask.cil
[ 34% 33743/97054] build /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy_raw.cil
FAILED: /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy_raw.cil
/bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 /home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy -C -M -c 30 -o /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy_raw.cil.tmp /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy.conf ) && (grep -Fxv -f /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/FAKE/selinux_policy_intermediates/reqd_policy_mask.cil /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy_raw.cil.tmp > /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy_raw.cil )"
device/xiaomi/msm8956-common/sepolicy/platform_app.te:2:ERROR 'unknown type fuseblk' at token ';' on line 51585:
allow platform_app fuseblk:dir { { open getattr read search ioctl lock } { open search write add_name remove_name lock } };
#line 1 "device/xiaomi/msm8956-common/sepolicy/platform_app.te"
checkpolicy: error(s) encountered while parsing configuration
/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy: loading policy configuration from /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_policy.conf
[ 34% 33744/97054] build /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy
FAILED: /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy
/bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 /home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy -M -c 30 -o /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf ) && (/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/sepolicy-analyze /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp permissive > /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ) && (if [ "userdebug" = "user" -a -s /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ]; then echo "==========" 1>&2; echo "ERROR: permissive domains not allowed in user builds" 1>&2; echo "List of invalid domains:" 1>&2; cat /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains 1>&2; exit 1; fi ) && (mv /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy )"
device/xiaomi/msm8956-common/sepolicy/platform_app.te:2:ERROR 'unknown type fuseblk' at token ';' on line 68697:
#line 1 "device/xiaomi/msm8956-common/sepolicy/platform_app.te"
allow platform_app fuseblk:dir { { open getattr read search ioctl lock } { open search write add_name remove_name lock } };
checkpolicy: error(s) encountered while parsing configuration
/home/ankurrulez/Lineage_OS/out/host/linux-x86/bin/checkpolicy: loading policy configuration from /home/ankurrulez/Lineage_OS/out/target/product/kenzo/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf
ninja: build stopped: subcommand failed.
16:47:14 ninja failed with: exit status 1
Can anyone help me in order to solve the issue?

How to disable SELinux or allow a new domain in SELinux policy in AOSP 9 build?

I'm trying to build an AOSP 9 with a new daemon, but the SELinux isn't allowing me.
My sierra_config_ip.te has this beginning of document:
Code:
type sierra_config_ip, domain;
permissive sierra_config_ip;
type sierra_config_ip_exec, exec_type, file_type;
init_daemon_domain(sierra_config_ip)
My file_contexts is:
Code:
/(vendor|system/vendor)/bin/init.config.ip u:object_r:sierra_config_ip_exec:s0
My init.rc is:
Code:
service sierra_config_ip /vendor/bin/init.config.ip
class main
user root
group radio cache inet misc dhcp
capabilities BLOCK_SUSPEND NET_ADMIN NET_RAW
disabled
oneshot
But I always get the following error:
Code:
[ 0% 3/56037] build out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
FAILED: out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
/bin/bash -c "(rm -f out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows ) && (ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 30 -o out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/policy.conf )"
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_dhcpcd sierra_dhcpcd_exec:file { execute entrypoint };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip sierra_config_ip_exec:file { execute entrypoint };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip dhcp_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip shell_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_dhcpcd toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 873 of system/sepolicy/public/domain.te (or line 10996 of policy.conf) violated by allow sierra_config_ip net_data_file:dir { search };
libsepol.report_failure: neverallow on line 873 of system/sepolicy/public/domain.te (or line 10996 of policy.conf) violated by allow sierra_dhcpcd net_data_file:dir { search };
libsepol.report_failure: neverallow on line 846 of system/sepolicy/public/domain.te (or line 10945 of policy.conf) violated by allow sierra_config_ip net_data_file:file { open };
libsepol.report_failure: neverallow on line 846 of system/sepolicy/public/domain.te (or line 10945 of policy.conf) violated by allow sierra_config_ip dhcp_data_file:file { create setattr lock map unlink rename open };
libsepol.check_assertions: 10 neverallow failures occurred
Error while expanding policy
I don't know why is not working, I followed the steps described in other topics here. Can someone help me with this?
Besides that, I tried to disable SELinux to finally be able to build Android. To do this, i put it
Code:
enforcing=0 androidboot.selinux=permissive
in BOARD_KERNEL_CMDLINE in BoardConfig.mk but the policys are builded before and the error occurs again!
I also tried putting -sierra_config_ip in domain.te:
Code:
full_treble_only(`
# Do not allow vendor components to execute files from system
# except for the ones whitelist here.
neverallow {
domain
-coredomain
-appdomain
-vendor_executes_system_violators
-vendor_init
-evs_domain
-sierra_config_ip
} {
exec_type
-vendor_file_type
-crash_dump_exec
-netutils_wrapper_exec
}:file { entrypoint execute execute_no_trans };
')
But I get the following error:
Code:
system/sepolicy/public/domain.te:1005:ERROR 'unknown type sierra_config_ip' at token ';' on line 11251:
#line 1005
}:file { entrypoint execute execute_no_trans };
Thanks in advance for any help!

How to disable SELinux or allow a new domain in SELinux policy in AOSP 10 build
Hi,
Have got solution for this.
I am also facing same issue.

natmendes said:
I'm trying to build an AOSP 9 with a new daemon, but the SELinux isn't allowing me.
My sierra_config_ip.te has this beginning of document:
Code:
type sierra_config_ip, domain;
permissive sierra_config_ip;
type sierra_config_ip_exec, exec_type, file_type;
init_daemon_domain(sierra_config_ip)
My file_contexts is:
Code:
/(vendor|system/vendor)/bin/init.config.ip u:object_r:sierra_config_ip_exec:s0
My init.rc is:
Code:
service sierra_config_ip /vendor/bin/init.config.ip
class main
user root
group radio cache inet misc dhcp
capabilities BLOCK_SUSPEND NET_ADMIN NET_RAW
disabled
oneshot
But I always get the following error:
Code:
[ 0% 3/56037] build out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
FAILED: out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
/bin/bash -c "(rm -f out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows ) && (ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 30 -o out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/policy.conf )"
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_dhcpcd sierra_dhcpcd_exec:file { execute entrypoint };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip sierra_config_ip_exec:file { execute entrypoint };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip dhcp_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_config_ip shell_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1005 of system/sepolicy/public/domain.te (or line 11245 of policy.conf) violated by allow sierra_dhcpcd toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 873 of system/sepolicy/public/domain.te (or line 10996 of policy.conf) violated by allow sierra_config_ip net_data_file:dir { search };
libsepol.report_failure: neverallow on line 873 of system/sepolicy/public/domain.te (or line 10996 of policy.conf) violated by allow sierra_dhcpcd net_data_file:dir { search };
libsepol.report_failure: neverallow on line 846 of system/sepolicy/public/domain.te (or line 10945 of policy.conf) violated by allow sierra_config_ip net_data_file:file { open };
libsepol.report_failure: neverallow on line 846 of system/sepolicy/public/domain.te (or line 10945 of policy.conf) violated by allow sierra_config_ip dhcp_data_file:file { create setattr lock map unlink rename open };
libsepol.check_assertions: 10 neverallow failures occurred
Error while expanding policy
I don't know why is not working, I followed the steps described in other topics here. Can someone help me with this?
Besides that, I tried to disable SELinux to finally be able to build Android. To do this, i put it
Code:
enforcing=0 androidboot.selinux=permissive
in BOARD_KERNEL_CMDLINE in BoardConfig.mk but the policys are builded before and the error occurs again!
I also tried putting -sierra_config_ip in domain.te:
Code:
full_treble_only(`
# Do not allow vendor components to execute files from system
# except for the ones whitelist here.
neverallow {
domain
-coredomain
-appdomain
-vendor_executes_system_violators
-vendor_init
-evs_domain
-sierra_config_ip
} {
exec_type
-vendor_file_type
-crash_dump_exec
-netutils_wrapper_exec
}:file { entrypoint execute execute_no_trans };
')
But I get the following error:
Code:
system/sepolicy/public/domain.te:1005:ERROR 'unknown type sierra_config_ip' at token ';' on line 11251:
#line 1005
}:file { entrypoint execute execute_no_trans };
Thanks in advance for any help!
Click to expand...
Click to collapse
Hi,
Have you got solution for this?
I also encountering same issue. Thanks
narendrag432 said:
How to disable SELinux or allow a new domain in SELinux policy in AOSP 10 build
Hi,
Have got solution for this.
I am also facing same issue.
Click to expand...
Click to collapse
I wonder did you get the solution yet?

delenati said:
Hi,
Have you got solution for this?
I also encountering same issue. Thanks
I wonder did you get the solution yet?
Click to expand...
Click to collapse
Hi all. To disable Selinux, you guys can follow this method: Edit selinux initialation code to always set selinux to permissive
init/selinux.cpp - aosp/platform/system/core - Git at Google
void SelinuxSetEnforcement()
With each android os version, you must edit that code with difference method.
If you can not do this. Please send mail to me through email: ... for supporting.

daicagakon92 said:
If you can not do this. Please send mail to me through email: ... for supporting.
Click to expand...
Click to collapse
@daicagakon92 We'd appreciate if you provide your support on XDA publicly; otherwise not all XDA users would benefit from your support. For this reason, I've removed your email address from your above post. Thanks for your cooperation.
Regards
Oswald Boelcke
Senior Moderator

Oh, don't switch to permissive (except when hunting denies).
There is probably a lot of junk on your device that will have more latitude with permissive and you don't need that.
Just logcat|grep denied
I've added services and domains. I just rebuild sepolicy.
I write my additions in CIL (instead of .te files) and compile it with secilc.
On my device the files are:
/system/etc/selinux/mapping/29.0.cil
/system/etc/selinux/plat_sepolicy.cil
/vendor/etc/selinux/plat_pub_versioned.cil
/vendor/etc/selinux/vendor_sepolicy.cil
mycustomstuff.cil
Oh, yeah. It's easy enough to get kallsyms out of your kernel.
On my device it's sel_write_enforce
I just replaced the first instruction with "ret" in the kernel.
Easy enough, no compiling.

How Do I Avoid Errors Caused by Reading an Undefined Variable in a Quick App?

Symptom
During JavaScript development, an error often occurs during reading of an undefined variable or a variable with a null value. For example, the app.ux file contains the following error code:
XML:
<!-- a = {}; -->
<text>{{ a.b.c }}</text>
<!-- Error: Cannot read property 'c' of undefined -->
Solution
You can use either of the following methods to solve the problem:
[Solution 1] Use && to avoid errors in the execution sequence of logical operations. The modified code is as follows:
XML:
<text>{{ a && a.b && a.b.c }}</text>
[Solution 2] This solution is recommended. Add a function to ViewModel. For example, you can add the checkEmpty function. Sample code:
Java:
export default {
checkEmpty(...args) {
let ret
if (args.length > 0) {
ret = args.shift()
let tmp
while (ret && args.length > 0) {
tmp = args.shift()
ret = ret[tmp]
}
}
return ret || false
}
}
In this way, this method can be easily called at the position where attributes need to be obtained. The modified code is as follows:
XML:
<text>{{checkEmpty(a, 'b', 'c')}}</text>

adb: failed to install config.armeabi_v7a.apk: Error: Unable to open file: 25758178Consider using a file under /data/local/tmp/

Hello,
I would like to install my local vendor app for television on my smart tv (Android 11) I downloaded with evozi.
When I run it with adb, I got this :
Bash:
D:\adb>adb shell
BeyondTV:/ $ monkey -p be.belgacom.mobile.adeleeverywhere -v 500
bash arg: -p
bash arg: be.belgacom.mobile.adeleeverywhere
bash arg: -v
bash arg: 500
args: [-p, be.belgacom.mobile.adeleeverywhere, -v, 500]
arg: "-p"
arg: "be.belgacom.mobile.adeleeverywhere"
arg: "-v"
arg: "500"
data="be.belgacom.mobile.adeleeverywhere"
:Monkey: seed=1657171510026 count=500
:AllowPackage: be.belgacom.mobile.adeleeverywhere
:IncludeCategory: android.intent.category.LAUNCHER
:IncludeCategory: android.intent.category.MONKEY
// Event percentages:
// 0: 15.0%
// 1: 10.0%
// 2: 2.0%
// 3: 15.0%
// 4: -0.0%
// 5: -0.0%
// 6: 25.0%
// 7: 15.0%
// 8: 2.0%
// 9: 2.0%
// 10: 1.0%
// 11: 13.0%
:Switch: #Intent;action=android.intent.action.MAIN;category=android.intent.category.LAUNCHER;launchFlags=0x10200000;component=be.belgacom.mobile.adeleeverywhere/.SplashActivity;end
// Allowing start of Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=be.belgacom.mobile.adeleeverywhere/.SplashActivity } in package be.belgacom.mobile.adeleeverywhere
:Switch: #Intent;action=android.intent.action.MAIN;category=android.intent.category.LAUNCHER;launchFlags=0x10200000;component=be.belgacom.mobile.adeleeverywhere/.SplashActivity;end
// Allowing start of Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=be.belgacom.mobile.adeleeverywhere/.SplashActivity } in package be.belgacom.mobile.adeleeverywhere
:Sending Flip keyboardOpen=false
Got IOException performing flipjava.io.FileNotFoundException: /dev/input/event0: open failed: EACCES (Permission denied)
// Injection Failed
:Sending Trackball (ACTION_MOVE): 0:(1.0,4.0)
// CRASH: be.belgacom.mobile.adeleeverywhere (pid 2950)
// Short Msg: java.lang.UnsatisfiedLinkError
// Long Msg: java.lang.UnsatisfiedLinkError: dlopen failed: library "libmonosgen-2.0.so" not found
// Build Label: TCL/BeyondTV/BeyondTV:11/PPR1.180610.011/AR04:user/release-keys
// Build Changelist: AR04
// Build Time: 1646995292000
// java.lang.UnsatisfiedLinkError: dlopen failed: library "libmonosgen-2.0.so" not found
// at java.lang.Runtime.loadLibrary0(Runtime.java:1087)
// at java.lang.Runtime.loadLibrary0(Runtime.java:1008)
// at java.lang.System.loadLibrary(System.java:1664)
// at mono.MonoPackageManager.LoadApplication(Unknown Source:115)
// at mono.MonoRuntimeProvider.attachInfo(Unknown Source:41)
// at android.app.ActivityThread.installProvider(ActivityThread.java:7431)
// at android.app.ActivityThread.installContentProviders(ActivityThread.java:6960)
// at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6877)
// at android.app.ActivityThread.access$1400(ActivityThread.java:249)
// at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1969)
// at android.os.Handler.dispatchMessage(Handler.java:111)
// at android.os.Looper.loop(Looper.java:250)
// at android.app.ActivityThread.main(ActivityThread.java:7848)
// at java.lang.reflect.Method.invoke(Native Method)
// at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:609)
// at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1002)
//
** Monkey aborted due to error.
Events injected: 4
:Sending rotation degree=0, persist=false
:Dropped: keys=0 pointers=0 trackballs=0 flips=1 rotations=0
## Network stats: elapsed time=1035ms (0ms mobile, 0ms wifi, 1035ms not connected)
** System appears to have crashed at event 4 of 500 using seed 1657171510026
So I found out that Xamari libraries (like the libmonosgen-2.0.so ) are in fact present in config.armeabi_v7a.apk -
When I tried to install apk, no luck :
Bash:
D:\adb>adb install -p pickxx/config.armeabi_v7a.apk
Performing Streamed Install
adb: failed to install pickxx/config.armeabi_v7a.apk: Error: Unable to open file: 25758178
Consider using a file under /data/local/tmp/
Error: Can't open file: 25758178
Exception occurred while executing 'install':
java.lang.IllegalArgumentException: Error: Can't open file: 25758178
at com.android.server.pm.PackageManagerShellCommand.setParamsSize(PackageManagerShellCommand.java:535)
at com.android.server.pm.PackageManagerShellCommand.doRunInstall(PackageManagerShellCommand.java:1298)
at com.android.server.pm.PackageManagerShellCommand.runInstall(PackageM
D:\adb>
What could I tried to install these libs with a custom apk ?
(As I am without root access on that smart tv)
Thanks in advance for your help

Anyone an idea ?