Disabling SELinux in Android 5.0.1
I am trying to identify the configuration file where SELinux is set to Enforcing mode in Android Framework.
Please do not reply just saying
adb shell su 0 setenforce permissive
I need the system to boot in permissive mode or have SELinux completely disabled at boot time.
Thanks
Answer
There are two ways that enforcing mode is set. On user builds, it will always be in enforcing. On eng or userdebug, you can control it. You can control it in the standard selinux way, by setting enforcing=1/0 on the kernel command line as outlined in Dan Walsh's blog:
http://danwalsh.livejournal.com/10972.html
The Android centric way is to set the kernel command line to androidboot.selinux=permissive
You can control the kernel command line by editing your BoardConfig.mk and adding this:
BOARD_KERNEL_CMDLINE += androidboot.selinux=permissive
The Android centric way is enforced by init, if you look in system/core/init/init.cpp look at the selinux_initialize() routine that is called from main().