Clarify SELinux service error message
1) Attempt to make the error message associated with a missing service
better.
2) Provide a link to more in-depth documentation.
Bug: 65023716
Test: code compiles.
Change-Id: Ie0f1896fb41d5afd11501f046cb51d4c8afe0a62
diff --git a/init/service.cpp b/init/service.cpp
index d3c9f92..dee0c3d 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -82,7 +82,11 @@
free(new_con);
}
if (rc == 0 && computed_context == mycon.get()) {
- return Error() << "Service does not have an SELinux domain defined";
+ return Error() << "File " << service_path << "(labeled \"" << filecon.get()
+ << "\") has incorrect label or no domain transition from " << mycon.get()
+ << " to another SELinux domain defined. Have you configured your "
+ "service correctly? https://source.android.com/security/selinux/"
+ "device-policy#label_new_services_and_address_denials";
}
if (rc < 0) {
return Error() << "Could not get process context";