android5.1 user版本4G模块

由于android5.1 user版本的SELinux安全机制的限制，导致pppd_gprs服务起不来，4G信号出现叹号上不了网。

出现：

init: sys_prop: Unable to start  service ctl [pppd_gprs] uid:1001 gid:1001 pid:187

原因：这是因为android5.1在SELINUX的基础上增加了对property的权限的限制

解决1：我们就需要在rild.te的文件中增加

allow rild ctl_default_prop:property_service set；

allow rild net_radio_prop:property_service set;

就可以了。

出现：

出现：

init: Warning!  Service pppd_gprs needs a SELinux domain defined; please fix!

原因：对于没有定义SELinux的权限规则的service，系统只是给出一条警告，还是会继续启动这个进程。如果我们的服务没有触及到未允许的权限操作，那么这个服务一样会正常启动的，我们可以直接无视这个警告。但是如果触及到未允许的权限操作，那么这个服务可能就不能正常启动。

解决2：步骤1：在external/sepolicy/file_contexts文件增加代码

/system/etc/init.gprs-pppd u:object_r:pppd_gprs_exec:s0

原服务init.rc内容为：

service pppd_gprs /system/etc/init.gprs-pppd    user root    group radio cache inet misc    disabled    oneshot

步骤2：在external/sepolicy/目录下增加一个文件pppd_gprs.te，增加内容

type pppd_gprs, domain;type pppd_gprs_exec, exec_type, file_type;init_daemon_domain(pppd_gprs)

调试过程中会出现一堆权限问题，如下

1、avc: denied { execute_no_trans } for pid=1314 comm="init.gprs-pppd" path="/system/bin/pppd" dev="mmcblk0p10" ino=355 scontext=u:r:init:s0 tcontext=u:object_r:ppp_exec:s0 tclass=file permissive=0

2、avc: denied { read } for pid=1375 comm="init.gprs-pppd" path="/system/bin/sh" dev="mmcblk0p10" ino=395 scontext=u:r:pppd_gprs:s0 tcontext=u:object_r:shell_exec:s0 tclass=file permissive=0

解决第1点：在external/sepolicy/init.te增加

allow init ppp_exec:file {execute_no_trans};

解决第2点：在pppd_gprs.te在上面已增加内容下增加

allow pppd_gprs shell_exec:file {read};allow pppd_gprs toolbox_exec:file {getattr};allow pppd_gprs toolbox_exec:file {execute};allow pppd_gprs toolbox_exec:file {read open};allow pppd_gprs toolbox_exec:file {execute_no_trans};allow pppd_gprs ppp_exec:file {getattr};allow pppd_gprs property_socket:sock_file {write};allow pppd_gprs init:unix_stream_socket {connectto};allow pppd_gprs ppp_exec:file {execute};allow pppd_gprs ppp_exec:file {read open};allow pppd_gprs net_radio_prop:property_service {set};allow pppd_gprs ppp_exec:file {execute_no_trans};allow pppd_gprs tty_device:chr_file {getattr};allow pppd_gprs pppd_gprs:capability {dac_override};allow pppd_gprs ppp_device:chr_file {read write};allow pppd_gprs ppp_device:chr_file {open};allow pppd_gprs pppd_gprs:capability {net_admin};allow pppd_gprs pppd_gprs:udp_socket {create};allow pppd_gprs tty_device:chr_file {read write};allow pppd_gprs tty_device:chr_file {open};allow pppd_gprs tty_device:chr_file {ioctl};allow pppd_gprs pppd_gprs:capability {setgid};allow pppd_gprs pppd_gprs:capability {setuid};allow pppd_gprs shell_exec:file {execute};allow pppd_gprs shell_exec:file {read open};allow pppd_gprs shell_exec:file {execute_no_trans};allow pppd_gprs shell_exec:file {getattr};allow pppd_gprs system_file:file {execute_no_trans};allow pppd_gprs ppp_device:chr_file {ioctl};allow pppd_gprs system_data_file:dir {write};allow pppd_gprs pppd_gprs:udp_socket {ioctl};allow pppd_gprs system_data_file:dir {add_name};allow pppd_gprs system_data_file:file {create};allow pppd_gprs system_data_file:file {write open};

allow后面的格式说明：

参考之前的报错信息

avc: denied ...scontext=u:r:pppd_gprs:s0 tcontext=u:object_r:shell_exec:s0 tclass=file
[1]对应scontext=u:r:之后内容，为pppd_gprs就在pppd_gprs.pe中改，为init就在init.te中改
[2]对应tcontext=u:object_r:之后内容
[3]对应tclass=之后内容

到此，android user版本的4G模块就可以上网了