chcon可实现对文件的SEAndroid安全标签的修改

参考使用如下:

chcon -u u system/app/

chcon -r object_r system/app/

chcon -t system_file system/app/

chcon -u u system/priv-app/

chcon -r object_r system/priv-app/

chcon -t system_file system/priv-app/

chcon -u u system b/.so

chcon -r object_r system b/.so

chcon -t system_library_file system b/*.so

chcon -u u xxx

chcon -r object_r xxx

chcon -t system_file xxx

chcon--reference=RFILE dest

详情请查询 man chcon

chcon的使用需要系统支持selinux,否则命令可能执行失败。

安装selinux

首先应用安装一下

sudo apt-get install selinux

修改配置文件

修改/etc/selinux/config 文件

有效将SELINUX=enforcing

无效SELINUX=disabled

SELINUX=permissive 表示如果不符合selinux规则,仍然可以执行,只是会发出警告

重启机器生效

我的安装日志

apt-get install selinux
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
checkpolicy gawk libaudit0 libsemanage-common libsemanage1 libsepol1 libsigsegv2 libustr-1.0-1 policycoreutils python-selinux python-semanage python-sepolgen
selinux-policy-ubuntu selinux-utils
Suggested packages:
selinux-policy-dev
Recommended packages:
selinux-policy-default
The following packages will be REMOVED:
apparmor
The following NEW packages will be installed:
checkpolicy gawk libaudit0 libsemanage-common libsemanage1 libsepol1 libsigsegv2 libustr-1.0-1 policycoreutils python-selinux python-semanage python-sepolgen selinux
selinux-policy-ubuntu selinux-utils
0 upgraded, 15 newly installed, 1 to remove and 21 not upgraded.
Need to get 4793 kB of archives.
After this operation, 43.3 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://mirrors.163.com/ubuntu/ precise/main libsigsegv2 amd64 2.9-4ubuntu2 [14.6 kB]
Get:2 http://mirrors.163.com/ubuntu/ precise/main gawk amd64 1:3.1.8+dfsg-0.1ubuntu1 [465 kB]
Get:3 http://mirrors.163.com/ubuntu/ precise/main libsepol1 amd64 2.1.0-1.2 [121 kB]
Get:4 http://mirrors.163.com/ubuntu/ precise/universe libaudit0 amd64 1.7.18-1ubuntu1 [67.5 kB]
Get:5 http://mirrors.163.com/ubuntu/ precise/universe libustr-1.0-1 amd64 1.0.4-2 [77.1 kB]
Get:6 http://mirrors.163.com/ubuntu/ precise/universe libsemanage-common all 2.1.0-2 [6608 B]
Get:7 http://mirrors.163.com/ubuntu/ precise/universe libsemanage1 amd64 2.1.0-2 [86.2 kB]
Get:8 http://mirrors.163.com/ubuntu/ precise/universe python-semanage amd64 2.1.0-2 [60.8 kB]
Get:9 http://mirrors.163.com/ubuntu/ precise/universe python-selinux amd64 2.1.0-4.1ubuntu1 [171 kB]
Get:10 http://mirrors.163.com/ubuntu/ precise/universe python-sepolgen all 1.1.0-1 [75.8 kB]
Get:11 http://mirrors.163.com/ubuntu/ precise-updates/universe policycoreutils amd64 2.1.0-3ubuntu1.1 [520 kB]
Get:12 http://mirrors.163.com/ubuntu/ precise/universe selinux-utils amd64 2.1.0-4.1ubuntu1 [38.3 kB]
Get:13 http://mirrors.163.com/ubuntu/ precise/universe selinux all 1:0.11 [11.2 kB]
Get:14 http://mirrors.163.com/ubuntu/ precise/universe checkpolicy amd64 2.1.0-1.1 [275 kB]
Get:15 http://mirrors.163.com/ubuntu/ precise/universe selinux-policy-ubuntu all 0.2.20091117-0ubuntu2 [2804 kB]
Fetched 4793 kB in 9s (500 kB/s)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "zh_CN:zh",
LC_ALL = (unset),
LC_TIME = "zh_CN",
LC_MONETARY = "zh_CN",
LC_ADDRESS = "zh_CN",
LC_TELEPHONE = "zh_CN",
LC_NAME = "zh_CN",
LC_MEASUREMENT = "zh_CN",
LC_IDENTIFICATION = "zh_CN",
LC_NUMERIC = "zh_CN",
LC_PAPER = "zh_CN",
LANG = "zh_CN.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Preconfiguring packages ...
/usr/bin/locale: Cannot set LC_CTYPE to default locale: No such file or directory
/usr/bin/locale: Cannot set LC_MESSAGES to default locale: No such file or directory
/usr/bin/locale: Cannot set LC_ALL to default locale: No such file or directory
(Reading database ... 84607 files and directories currently installed.)
Removing apparmor ...
* Clearing AppArmor profiles cache [ OK ]
All profile caches have been cleared, but no profiles have been unloaded.
Unloading profiles will leave already running processes permanently
unconfined, which can lead to unexpected situations. To set a process to complain mode, use the command line tool
'aa-complain'. To really tear down all profiles, run the init script
with the 'teardown' option."
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Selecting previously unselected package libsigsegv2.
(Reading database ... 84589 files and directories currently installed.)
Unpacking libsigsegv2 (from .../libsigsegv2_2.9-4ubuntu2_amd64.deb) ...
Setting up libsigsegv2 (2.9-4ubuntu2) ...
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Selecting previously unselected package gawk.
(Reading database ... 84597 files and directories currently installed.)
Unpacking gawk (from .../gawk_1%3a3.1.8+dfsg-0.1ubuntu1_amd64.deb) ...
Selecting previously unselected package libsepol1.
Unpacking libsepol1 (from .../libsepol1_2.1.0-1.2_amd64.deb) ...
Selecting previously unselected package libaudit0.
Unpacking libaudit0 (from .../libaudit0_1.7.18-1ubuntu1_amd64.deb) ...
Selecting previously unselected package libustr-1.0-1.
Unpacking libustr-1.0-1 (from .../libustr-1.0-1_1.0.4-2_amd64.deb) ...
Selecting previously unselected package libsemanage-common.
Unpacking libsemanage-common (from .../libsemanage-common_2.1.0-2_all.deb) ...
Selecting previously unselected package libsemanage1.
Unpacking libsemanage1 (from .../libsemanage1_2.1.0-2_amd64.deb) ...
Selecting previously unselected package python-semanage.
Unpacking python-semanage (from .../python-semanage_2.1.0-2_amd64.deb) ...
Selecting previously unselected package python-selinux.
Unpacking python-selinux (from .../python-selinux_2.1.0-4.1ubuntu1_amd64.deb) ...
Selecting previously unselected package python-sepolgen.
Unpacking python-sepolgen (from .../python-sepolgen_1.1.0-1_all.deb) ...
Selecting previously unselected package policycoreutils.
Unpacking policycoreutils (from .../policycoreutils_2.1.0-3ubuntu1.1_amd64.deb) ...
Selecting previously unselected package selinux-utils.
Unpacking selinux-utils (from .../selinux-utils_2.1.0-4.1ubuntu1_amd64.deb) ...
Selecting previously unselected package selinux.
Unpacking selinux (from .../selinux_1%3a0.11_all.deb) ...
Selecting previously unselected package checkpolicy.
Unpacking checkpolicy (from .../checkpolicy_2.1.0-1.1_amd64.deb) ...
Processing triggers for man-db ...
Processing triggers for ureadahead ...
Setting up libaudit0 (1.7.18-1ubuntu1) ...
Setting up libsepol1 (2.1.0-1.2) ...
Setting up libustr-1.0-1 (1.0.4-2) ...
Setting up libsemanage-common (2.1.0-2) ...
Setting up libsemanage1 (2.1.0-2) ...
Setting up python-semanage (2.1.0-2) ...
Setting up python-selinux (2.1.0-4.1ubuntu1) ...
Setting up python-sepolgen (1.1.0-1) ...
Setting up policycoreutils (2.1.0-3ubuntu1.1) ...
update-rc.d: warning: policycoreutils start runlevel arguments (S 2 3 4 5) do not match LSB Default-Start values (2 3 4 5)
update-rc.d: warning: mcstrans start runlevel arguments (S 2 3 4 5) do not match LSB Default-Start values (2 3 4 5)
update-rc.d: warning: sandbox start runlevel arguments (S 2 3 4 5) do not match LSB Default-Start values (2 3 4 5)
Setting up selinux-utils (2.1.0-4.1ubuntu1) ...
Setting up selinux (1:0.11) ...
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-3.8.0-44-generic
Found initrd image: /boot/initrd.img-3.8.0-44-generic
Found linux image: /boot/vmlinuz-3.8.0-29-generic
Found initrd image: /boot/initrd.img-3.8.0-29-generic
Found memtest86+ image: /boot/memtest86+.bin
done
* Starting SELinux autorelabel [ OK ]
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Processing triggers for python-support ...
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-3.8.0-44-generic
Selecting previously unselected package selinux-policy-ubuntu.
(Reading database ... 85025 files and directories currently installed.)
Unpacking selinux-policy-ubuntu (from .../selinux-policy-ubuntu_0.2.20091117-0ubuntu2_all.deb) ...
Setting up gawk (1:3.1.8+dfsg-0.1ubuntu1) ...
Setting up checkpolicy (2.1.0-1.1) ...
Setting up selinux-policy-ubuntu (0.2.20091117-0ubuntu2) ...
Updating /etc/selinux/config.
Processing triggers for selinux ...
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
semodule deferred processing now taking place
/usr/sbin/semodule: SELinux policy is not managed or store cannot be accessed.
* File relabel will occur upon next shutdown/reboot.
* Starting SELinux autorelabel * A relabel has already been requested. Please reboot to finish relabeling your system.

分类: android安全

chcon可实现对文件的SEAndroid安全标签的修改的更多相关文章

  1. .net 大文件上传注意,修改 IIS 配置

    原因 Web 服务器上的请求筛选被配置为拒绝该请求,因为内容长度超过配置的值. 可尝试的操作:确认 applicationhost.config 或 web.config 文件中的 configura ...

  2. NetBeans文件被锁,无法修改

    今天用NetBeans写有关Dojo的一个样例时,出现文件被锁,无法修改的情况.找了半天,但是就是不知道是什么原因,我就写在博客上记录下来

  3. 在windows+eclipse+git遇到的未修改文件被标记为已修改的问题

    最近遇到2个具体的问题: 1.我们有个工程里面有几个外部jar包,这几个jar包经常会更新,更新的时候如果是在eclipse中执行的,由于windows文件机制,所以会报错无法覆盖这几个jar包.虽然 ...

  4. 定时删除文件夹"$1"下最后修改时间大于当前时间"$2"天的文件

    shell 脚本: #!/bin/bash now=`date "+%Y-%m-%d_%H:%M:%S"`      #获取当前时间 echo "当前时间: " ...

  5. Dream------Java--ant zip 对压缩文件进行指定位置的修改

    ant zip 对压缩文件进行指定位置的修改 实现功能: 对2中文件进行修改: 需求: 在XX文件中,从二进制流的200字节位置开始,往后的30位字节数量.插入一个值 由于涉及到公司内部,不方便写太多 ...

  6. 错误:38-Corel VideoStudio文件已损坏或被修改。请重新安装原始来源解决方法。

    打开 Corel VideoStudio Pro X5(绘声绘影)弹出一下警告. 错误:38-Corel VideoStudio文件已损坏或被修改.请重新安装原始来源解决方法. [第一方法]:控制面板 ...

  7. 个人永久性免费-Excel催化剂功能第22波-Excel文件类型、密码批量修改,补齐PowerQuery短板

    Excel的多工作薄.多工作表批量合并功能,Excel用户很多这方面的使用场景,也促使了各大Excel各大插件们都在此功能上有所开发,体验程度不一,但总体能够满足大多数的应用场景,本人之前也开发个单独 ...

  8. python 修改文件的创建时间、修改时间、访问时间

    目录 python 修改文件创建.修改.访问时间 方案一 方案二(无法修改文件创建时间) python 修改文件创建.修改.访问时间 突如其来想知道一下 python 如何修改文件的属性(创建.修改. ...

  9. 在Linux中,没有文件创建时间的概念。只有文件的访问时间、修改时间、状态改变时间

    在Linux中,没有文件创建时间的概念.只有文件的访问时间.修改时间.状态改变时间.也就是说不能知道文件的创建时间.但如果文件创建后就没有修改过,修改时间=创建时间:如果文件创建后,状态就没有改变过, ...

随机推荐

  1. boost::token_compress_on

    对于场景:string s = "123456",用"3","4"切分,默认情况下(boost::token_compress_off),切 ...

  2. 课本[Teb]软件设计

    中文名:课本 英文名:Textbook 简称:Teb 一个专注于分享校内课件的软件. 一个课件的整合平台. 发布平台:web>android>ios; 主要功能:预览课件(暂定),搜索课件 ...

  3. LintCode 子树

    easy 子树 19% 通过 有两个不同大小的二进制树: T1 有上百万的节点: T2 有好几百的节点.请设计一种算法.判定 T2 是否为 T1的子树. 您在真实的面试中是否遇到过这个题? Yes 例 ...

  4. cocos2d-x android 字体的设置

    我们知道 ios 自带的字体 和 android 自带的字体不同 为了使我们开发的游戏中的字体统一 我们就需要自己的字体(包括从mac 拷贝出来的 字体) 从 mac 中 copy 出 Thonbur ...

  5. 求1+2+3+...+n,要求不能使用乘除法、for、while、if、else、switch、case等关键字及条件判断语句(A?B:C)

    代码如下: public int Sum_Solution(int n) { int temp = n; boolean b = (temp>0)&&(temp += Sum_S ...

  6. Anatomy of the Linux kernel--转

    ref:http://www.ibm.com/developerworks/linux/library/l-linux-kernel/?S_TACT=105AGX52&S_CMP=cn-a-l ...

  7. 优化Laravel网站打开速度

    Laravel是一个功能强大的框架,组件很多,代码也很庞大,它的易用方便是牺牲了性能的,即便如此它仍然是一个优秀的框架,但在正式环境下要做好优化提升网站的打开速度. 1.关闭debug 打开.env文 ...

  8. 关于Android中TextView显示多个空格

    一.直接填写文字,输入多少,显示多少,如下: android:text="AAA     AAA"     ————————>显示:AAA     AAA 二.通过设置str ...

  9. C++字符串处理封装类String

    概述 C++在处理字符串时相对于python等脚本语言并没有什么优势,下面将常用的字符串处理函数封装成一个String工具类,方便以后使用,后期还会对该类进行扩充,下面是具体的实现: // Strin ...

  10. JavaScript组成

    JavaScript由ECMAScript,Dom,Bom三部分组成. ECMAScript是一种由Ecma国际(前身为欧洲计算机制造商协会,英文名称是European Computer Manufa ...