Happy New Year! Let’s start 2020 with a new Magisk release :)
Magisk v20.2 add support for modules to include its own custom sepolicy patches. Developers used to use boot scripts along with the magiskpolicy
tool to do live sepolicy patches; however, this method leads to numerous issues as Android is no longer designed to allow live sepolicy patches, and on some devices (e.g. Huawei) this method is outright inapplicable.
To address this issue, Magisk allow module devs to create a new file called sepolicy.rule
in their modules. The module installer script and Magisk daemon will make sure this file is stored in somewhere accessible pre-init to allow magiskinit
to do its job every time your device boots up.
The old template is actually pretty convoluted: developers are expected to implement specific callback functions in their install.sh
, and the zip file structure does not directly represent how modules are actually stored on your device. The new module installer format makes creating new modules very easy, but still give experienced developers tons of freedom to do anything they want in the installation process.
For details regarding sepolicy.rule
and the new module installer format, please read the updated Developer Guides. Note that the old “Module Installer Template” is obsolete; creating a Magisk module no longer requires a “template” as it is now a straightforward process.