-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
avc: denied {execute} in files directory #585
Comments
Which devices and Android versions does the problem happen on? And do you have any other devices where the problem does not occur? |
Android 8.1 |
If your company certificate gives the app special privileges on the device, then this problem is probably caused by the SELinux policy blocking privileged apps from loading native code from app data directories. See here for discussion. The easiest way to work around this would be to sign the app with an unprivileged certificate, as you've discovered. Alternatively, if you have root access to the device, you could try changing the device's SELinux policy. I don't know exactly how to do this, and I can't advise you on what the security implications would be. But the relevant section which applies to unprivileged apps is here. You would have to copy that and make it apply to privileged apps as well. |
I'll leave this issue open, because some people have speculated that this restriction may be extended to all apps in the future. If that happens, we'll have to move all of Chaquopy's native Python modules to the APK's libs directory, as discussed in #1198. |
Chaquopy version
10.0.1
Hi ! I got an error while starting the app (Python.start)
type=1400 audit(0.0:189): avc: denied { execute } for path="/data/data/com.example.app/files/chaquopy/bootstrap-native/armeabi-v7a/zlib.so" tclass=file permissive=0
This makes my app crashes(on Python.start) but only when signed with my company certificate, which contains 3 extensions(BasicConstraints, AuthorityKeyIdentifier, SubjectKeyIdentifier)
When I generate my own Key with only the SubjectKeyIdentifier, I don't have the issue.
Do you got any idea why I get the crash with the first one?
Thanks !
The text was updated successfully, but these errors were encountered: