I know I can’t change the init.rc file because it’s rewritten upon restart.
Hence, I’ve tried something “wrong” just for the sake of it (a temporary solution, only to see if it works) – I have noticed commands like these in init.rc:
service DR-daemon /system/bin/ddexe class main user root group system radio inet net_raw service SMD-daemon /system/bin/smdexe class main user root group system radio inet net_raw service BCS-daemon /system/bin/connfwexe class main user root group system radio inet net_raw
I picked one of them, for example
connfwexe, and made an executable of my own, under the same name, and replaced the original
connfwexe with mine.
one of the commands in my executable was
mkdir /sdcard/1234 and indeed, upon restart, the directory appears.
However, another command I’ve tried is either
system("setenforce 0"); or
system("echo 0 > /sys/fs/selinux/enforce") – none of which is working.
When the device is up again, SELinux is enforcing.
I know that root can set it to permissive (I can directly from the shell) and system cannot; question is, why the services above, that are run as root, are not able to set SELinux to permissive? is it because I’m using the “system()” call? or maybe the phase where the services are run is too early?
What is wrong here and is it possible for me, this way, to run commands as root?
I know it’s looks like ugly hacking, this will not be the final solution, but only for learning porpuses, so please spare unhelpful comments such as “you shouldn’t do so”. Thanks