I am trying to create a System service which runs once system boots up, I have followed required steps except sepolicy files update.
I have referred https://android.jlelse.eu/system-service-in-aosp-750007d39555.
Currently My service is not running as avc denied error is coming. I am running in permissive mode. I have tried to add required changes in service.te and conexts.te in /system/sepolicy/public/service.te. I am getting compilation error as [6:49 PM] Kumar, Rathnakaram Anil (uic40644)
[4:03 PM] Kumar, Rathnakaram Anil (uic40644)
Hi Ashwini,
I am trying to add selinux permissions for my test service, facing error:
[ 13% 18579/140712] build out/target/product/caaf_denali_pegasus/obj/ETC/sepolicy_freeze_test_intermediates/sepolicy_freeze_test FAILED: out/target/product/caaf_denali_pegasus/obj/ETC/sepolicy_freeze_test_intermediates/sepolicy_freeze_test /bin/bash -c "(diff -rq -x bug_map system/sepolicy/prebuilts/api/29.0/public system/sepolicy/public ) && (diff -rq -x bug_map system/sepolicy/prebuilts/api/29.0/private system/sepolicy/private ) && (touch out/target/product/caaf_denali_pegasus/obj/ETC/sepolicy_freeze_test_intermediates/sepolicy_freeze_test )" Files system/sepolicy/prebuilts/api/29.0/private/service.te and system/sepolicy/private/service.te differ Files system/sepolicy/prebuilts/api/29.0/private/service_contexts and system/sepolicy/private/service_contexts differ.
I am not able to find any clue on how to update sepolicy for a new service, please help me.
Edit the file /system/sepolicy/private/service_contexts and add this line
service_name u:object_r:service_name:s0
Recompile AOSP.
Give your binary file a selable, add it to "file_contexts"
/vendor/bin/xxx u:object_r:xxx_exec:s0
Create a te file "xxx.te"
# xxx service
type xxx, domain;
type xxx_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(xxx)
Related
BUMP: any thoughts or suggestions?
Building my web application has been throwing the following errors:
The command ""C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\signtool.exe" sign /a /t http://timestamp.verisign.com/scripts/timestamp.dll "application.exe"" exited with code 1
An error occurred while attempting to sign: application.exe
The specified timestamp server either could not be reach or
Based on this post, I added different servers with something like
signtool sign /v /td sha256 /tr "http://timestamp.comodoca.com/rfc3161" /fd sha1 application.exe
but my build still references the Verisign URL even after running this signtool catdb /r http://timestamp.verisign.com/scripts/timestamp.dll and signtool remove http://timestamp.verisign.com/scripts/timestamp.dll
Any ideas? Do I need to create a new certificate? Thanks in advance for help!
So I finally found what the problem was. There was a Build Event setting this reference to Verisign. Once I found it and updated, the build was successful.
The location of this is r-click on the project < select Properties < select the Compile tab < click button for Build Events...
Hope this helps any others.
I am trying to run the example grakn migration "phone_calls" (using python and JSON files).
Before reaching there, I need to load the schema, but I am having trouble with getting the schema loaded, as shown here: https://dev.grakn.ai/docs/examples/phone-calls-schema
System:
-Mac OS 10.15
-grakn-core 1.8.3
-python 3.7.3
The grakn server is started. I checked and the 48555 TCP port is open, so I don't think there is any firewall issue. The schema file is in the same folder (phone_calls) as where the json data files is, for the next step. I am using a virtual environment. The error is below:
(project1_env) (base) tiffanytoor1#MacBook-Pro-2 onco % grakn server start
Storage is already running
Grakn Core Server is already running
(project1_env) (base) tiffanytoor1#MacBook-Pro-2 onco % grakn console --keyspace phone_calls --file phone_calls/schema.gql
Unable to create connection to Grakn instance at localhost:48555
Cause: io.grpc.StatusRuntimeException
UNKNOWN: Could not reach any contact point, make sure you've provided valid addresses (showing first 1, use getErrors() for more: Node(endPoint=/127.0.0.1:9042, hostId=null, hashCode=5f59fd46): com.datastax.oss.driver.api.core.connection.ConnectionInitException: [JanusGraph Session|control|connecting...] init query OPTIONS: error writing ). Please check server logs for the stack trace.
I would appreciate any help! Thanks!
Nevermind -- I found the solution, in case any one else runs into a similar problem. The server configuration file needs to be edited: point the data directory to your project data files (here: the phone_calls data files) & change the server IP address to your own.
For a while now I've been happily using Github's Actions to run my library's R CMD check and deploying the package's documentation. Suddenly the package action started failing with the following error:
── Commiting updated site ──────────────────────────────────────────────────────
Running git add -A .
Running git commit --allow-empty -m 'Built site for lares: 4.9.0#d936943'
*** Please tell me who you are.
Run
git config --global user.email "you#example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: unable to auto-detect email address (got 'runner#Mac-1594850189701.(none)')
Error: System command 'git' failed, exit status: 128, stdout & stderr were printed
Stack trace:
1. pkgdown::deploy_to_branch(new_process = FALSE)
2. pkgdown:::github_push(dest_dir, commit_message, remote, branch)
3. pkgdown:::with_dir(dir, { ...
4. base:::force(code)
5. pkgdown:::git("commit", "--allow-empty", "-m", commit_message)
6. processx::run("git", c(...), echo_cmd = echo_cmd, echo = echo, ...
7. throw(new_process_error(res, call = sys.call(), echo = echo, ...
x System command 'git' failed, exit status: 128, stdout & stderr were printed
── Removing worktree ───────────────────────────────────────────────────────────
Running git worktree remove \
/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/Rtmpp2vz58/file888686837c1
Execution halted
##[error]Process completed with exit code 1.
I've tried running those commands with my name and email from RStudio's terminal, tried from different computers I code, checked pkgdown::deploy_to_branch() documentation... with no success.
Any idea how to solve this? What am I not seeing? Is it a bug on something that recently changed?
- run: |
git config --global user.email "you#example.com"
git config --global user.name "Your Name"
Just add step like that somewhere in your workflow.
In fact, it looks you already (almost) wrote a fix but decided for some reason to use Rscript as shell for that, and didn't close '. That threw other kind of error so you kicked it out and are back at square one :)
I have CodeBuild project that works fine.
Trying to use it in CodePipeline and it failure with empty Repository and Submitter.
Failure logs are simple as:
01:34:17
[Container] 2018/03/08 01:34:10 Waiting for agent ping
01:34:17
[Container] 2018/03/08 01:34:12 Waiting for DOWNLOAD_SOURCE
There are no any settings to adjust CodeBuild phase anywhere.
How can I fix/customise it?
Recreate the build project from within CodePipeline, so it receives the source code from the provider called "CodePipeline".
Source of the information: https://apassionatechie.wordpress.com/2018/02/08/codebuild-aws-from-codepipeline-aws/
Just if somebody would need an answer.
The issue was in not precise file naming for CodeBuild stage where CodeDeploy in it's turn won't be able to pull the ZIP file.
As a fix I've added an extra command to builspec.yml
post_build:
commands:
- zip -r Application.zip target/Application-0.0.1.war
I am trying to run a build script and I keep getting errors during a specific svn task. When I try to build the target from the command line, I get an authentication error. When I run the build from flex builder I get an error saying "please get a newer Subversion client". From what I can tell there is a root issue that can be seen here when doing an ant -verbose:
svn_update:
[echo] Updating the project source...
[svn] Using javahl
[svn] <Update> started ...
[svn] update /Users/dave/Documents/Flex Builder 3/AssetLibrary -r HEAD --force
[svn] At revision 373.
[svn] <Update> finished.
[ant] Exiting /Users/dave/Documents/Flex Builder 3/Simulation/build-template/commonbuild.xml.
[ant] Exiting /Users/dave/Documents/Flex Builder 3/AssetLibrary/build.xml.
[echo] Updating DataService Source
...
svn_update:
[echo] Updating the project source...
[svn] Using command line
[svn] <Update> started ...
[svn] up -r HEAD /Users/dave/Documents/Flex Builder 3/DataService --non-interactive
[svn] svn: OPTIONS of 'https://svn.example.com/{redacted}': authorization failed: Could not authenticate to server: ignored NTLM challenge, rejected Basic challenge (https://svn.example.com)
[svn] <Update> failed !
[ant] Exiting /Users/dave/Documents/Flex Builder 3/Simulation/build-template/commonbuild.xml.
[ant] Exiting /Users/dave/Documents/Flex Builder 3/DataService/build.xml.
[ant] Exiting /Users/dave/Documents/Flex Builder 3/Simulation/build.xml.
As you can see, the second (failing) svn_update target is using command line, and the first (working) update is using javahl. I am using the default attributes for svn, so javahl should default to be used.
I updated my svnant jars to 1.3.0.
Would love some help with this one!
Dave
First thing that's catching my eye is that the javahl one isn't calling the update on the same directory as the last one:
/Users/david.marr/Documents/Flex Builder 3/AssetLibrary
vs.
/Users/david.marr/Documents/Flex Builder 3/DataService
It could be that there is some other SVN problem underlying and you're just getting a misleading error message. Also, are you sure url https://svn.frogdesign.com/{redacted} is being parsed correct whatnot? "{redacted}" doesn't look like ANT syntax to me, and neither a regular url.
Maybe your command line client is too old, and the server has a versioning constraint on clients allowed to connect? What does svn --version say?
I usually get the Could not authenticate to server: ignored NTLM challenge, rejected Basic challenge error I use svn update in non interactive mode (example: svn update --non-interactive > output.txt) and when my NT or Active Directory password has changed. The way to fix this would be to first run svn update > output.txt which will then prompt you for your password. Once provided, you will get the following
Authentication realm: <http://svnserver:80> SVN Server
Password for 'siacca':
-----------------------------------------------------------------------
ATTENTION! Your password for authentication realm:
<http://svnserver:80> SVN Server
can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.
You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/cygdrive/u/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? yes
Once this is done (I'm with you, I don't like storing my password unencrypted either, but this is the only way I can run automated nightly svn updates), you should be able to run svn update in non-interactive mode.