The most likely reason for setfscreatecon to fail is that you don't have permission, and that's reported by the write return EACCES. There isn't really a "bad" context; they're just strings.
Before:
$ adb shell mkdir -Z x y
mkdir: bad -Z 'x'
After:
$ adb shell mkdir -Z x y
mkdir: -Z 'x' failed: Permission denied
Other than this, the ToT mkdir works fine with SELinux.
if (toys.optflags & FLAG_Z)
if (-1 == lsm_set_create(TT.arg_context))
- error_exit("bad -Z '%s'", TT.arg_context);
+ perror_exit("-Z '%s' failed", TT.arg_context);
if (mknod(*toys.optargs, mode|modes[type], makedev(major, minor)))
perror_exit("%s", *toys.optargs);
}
if (CFG_MKDIR_Z && (toys.optflags&FLAG_Z))
if (0>lsm_set_create(TT.arg_context))
- error_exit("bad -Z '%s'", TT.arg_context);
+ perror_exit("-Z '%s' failed", TT.arg_context);
if (TT.arg_mode) mode = string_to_mode(TT.arg_mode, 0777);
if (CFG_MKFIFO_Z && (toys.optflags&FLAG_Z))
if (0>lsm_set_create(TT.Z))
- error_exit("bad -Z '%s'", TT.Z);
+ perror_exit("-Z '%s' failed", TT.Z);
for (s = toys.optargs; *s; s++)
if (mknod(*s, S_IFIFO | TT.mode, 0) < 0) perror_msg("%s", *s);