I'm trying to run sshd on LineageOS 13 at boot time. The setup is roughly speaking as was described for CyanogenMod in https://web.archive.org/web/20161224194019/https://wiki.cyanogenmod.org/w/Doc:_sshd . After following the suggested configurations steps, I can start sshd interactively under a root adb like so:
root@espressowifi:/ # /data/local/userinit.d/99sshd
Could not load host key: /data/ssh/ssh_host_dsa_key
It complains about the key, but starts anyway, and clients can connect, so far so good.
I now want to start sshd at boot time. It looks like this gets blocked by SELinux:
root@espressowifi:/ # logcat | grep 99sshd
01-25 17:44:28.492 199 199 W logwrapper: type=1400 audit(0.0:5): avc: denied { execute } for name="99sshd" dev=mmcblk0p10 ino=1830 scontext=u:r:sysinit:s0 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0
01-25 17:44:28.499 196 196 I 99sshd : executing /data/local/userinit.d/99sshd failed: Permission denied
01-25 17:44:28.499 199 199 E logwrapper: executing /data/local/userinit.d/99sshd failed: Permission denied
01-25 17:44:28.506 196 196 I 99sshd : 99sshd terminated by exit(255)
I tried to chcon the 99sshd file, to no avail, and in fact the context ends up being restored after booting. That restored file context seems to be taken from /file_contexts, which you can edit after a
root@espressowifi:/ # mount -o rw,remount -t rootfs /
But that file also gets restored to some original version. setenforce 0 doesn't survive booting.
Other people seem to have had similar issues, but the lineageos jira tags the issue as a feature: https://jira.lineageos.org/browse/BUGBASH-118
Is there a way to run custom boot scripts under Lineage OS 13?
