Toybrick

标题: 如何禁止root并移除su? [打印本页]
作者: swlmx    时间: 2020-4-7 14:08
标题: 如何禁止root并移除su?
RT。
build.sh -b 不管是prod还是prop都能执行adb root,不懂怎么编译user版本
作者: swlmx    时间: 2020-4-7 14:16
@jefferyzhang 救救
作者: jefferyzhang    时间: 2020-4-7 14:18
https://www.jianshu.com/p/99bd019ed332
作者: swlmx    时间: 2020-4-7 14:25
jefferyzhang 发表于 2020-4-7 14:18
https://www.jianshu.com/p/99bd019ed332

所以我直接lunch user然后make?那教程里build.sh -b prod 是起什么作用
编译工程

1、cd  android根目录

2、./build.sh  -b prod

3、生成的固件在rockdev/Image-rk3399pro/目录下。

4、注意:如果单独编译kernel,需要先复制rockdev/Image-rk3399pro/ramdisk.img到kernel目录
作者: jefferyzhang    时间: 2020-4-7 14:34
swlmx 发表于 2020-4-7 14:25
所以我直接lunch user然后make?那教程里build.sh -b prod 是起什么作用

自己脚本打开看下不就知道了。。。
作者: swlmx    时间: 2020-4-10 10:44
本帖最后由 swlmx 于 2020-4-10 10:45 编辑
jefferyzhang 发表于 2020-4-7 14:34
自己脚本打开看下不就知道了。。。

还是编译不过。
  1. lunch rk3399pro-user
  2. build.sh -b prod
复制代码

sepolicy报错 1.5的源码
  1. [ 33% 25586/75488] build out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy
  2. FAILED: out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy
  3. /bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c             30 -o out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf ) && (out/host/linux-x86/bin/sepolicy-analyze out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp permissive > out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ) && (if [ "user" = "user" -a -s out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ]; then            echo "==========" 1>&2;           echo "ERROR: permissive domains not allowed in user builds" 1>&2;              echo "List of invalid domains:" 1>&2;              cat out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains 1>&2;            exit 1;                 fi ) && (mv out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy )"
  4. out/host/linux-x86/bin/checkpolicy:  loading policy configuration from out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf
  5. out/host/linux-x86/bin/checkpolicy:  policy configuration loaded
  6. out/host/linux-x86/bin/checkpolicy:  writing binary representation (version 30) to out/target/product/rk3399pro/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp
  7. ==========
  8. ERROR: permissive domains not allowed in user builds
  9. List of invalid domains:
  10. vendor_boot
  11. [ 33% 25597/75488] //external/sfntly:libsfntly clang++ cpp/src/sample/chromium/subsetter_impl.cc
  12. ninja: build stopped: subcommand failed.
  13. 09:54:47 ninja failed with: exit status 1
复制代码
作者: jefferyzhang    时间: 2020-4-10 10:54
swlmx 发表于 2020-4-10 10:44
还是编译不过。

ERROR: permissive domains not allowed in user builds
这是sepolicy权限设置问题。
编译问题要自行google处理,我们没办法手把手教你。。
作者: swlmx    时间: 2020-4-10 13:44
jefferyzhang 发表于 2020-4-10 10:54
ERROR: permissive domains not allowed in user builds
这是sepolicy权限设置问题。
编译问题要自行goog ...

这东西不是镜像自己带的吗……是不是没设置好
作者: swlmx    时间: 2020-4-10 14:14
注释掉vendor_boot.te中permissive能编译通过,不过usb和触摸屏用不了
要慢慢改源码了……
作者: jefferyzhang    时间: 2020-4-10 14:23
swlmx 发表于 2020-4-10 13:44
这东西不是镜像自己带的吗……是不是没设置好

我们那个安卓都是AOSP的代码,都没动过。。。



欢迎光临 Toybrick (https://t.rock-chips.com/) Powered by Discuz! X3.3