Skip to content

Update SELinux policy to read mount namespace#98

Merged
JingMatrix merged 1 commit intomasterfrom
selinux
Feb 18, 2026
Merged

Update SELinux policy to read mount namespace#98
JingMatrix merged 1 commit intomasterfrom
selinux

Conversation

@JingMatrix
Copy link
Copy Markdown
Owner

@JingMatrix JingMatrix commented Feb 17, 2026

The following SELinux audit logs are observed on AVD emulated devices (based on qemu):

auditd  : type=1400 audit(0.0:9): avc:  denied  { read } for  comm="main" path="mnt:[4026532964]" dev="nsfs" ino=4026532964 scontext=u:r:zygote:s0 tcontext=u:object_r

which caused the failure of NeoZygisk updating mount namespace of root process.

@JingMatrix
Update SELinux policy to read mount namespace
d7c9fdb 
The following SELinux audit logs are observed on AVD emulated devices (based on qemu):
```
auditd  : type=1400 audit(0.0:9): avc:  denied  { read } for  comm="main" path="mnt:[4026532964]" dev="nsfs" ino=4026532964 scontext=u:r:zygote:s0 tcontext=u:object_r
```
which caused the failure of NeoZygisk updating mount namespace of root process.
@JingMatrix
Copy link
Copy Markdown
Owner Author

JingMatrix commented Feb 17, 2026

@yashikada, to solve the issue reported on #97, please test the latest CI build https://github.com/JingMatrix/NeoZygisk/actions/runs/22118627757

@yashikada
Copy link
Copy Markdown

yashikada commented Feb 18, 2026

Yes works, this PR solve the issue reported on #97

@JingMatrix JingMatrix merged commit f779511 into master Feb 18, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JingMatrix @yashikada