selinux denies busybox although selinux is set to permissive?
Device-info:
- Phone: Sony Xperia Z1
- Model number: C6903
- Android version: 5.1.1
- Build Number: 14.6.A.1.236
- Rooted, BusyBox and Terminal Emulator installed (Play Store Version!!!)
I have formatted an SD card to an ext4 filesystem and put another Linux on it. After mounting the filesystem and files without problems I want to execute:

```
chroot /data/local/mnt /bin/bash
```

where `/data/local/mnt` is the Linux root folder. Executing the line above leads to the message:

```
chroot: can't execute '/bin/bash': Permission denied
```

I have checked the permissions of `/bin/bash` and also of `/data/local/mnt` and remounted nearly every path that is related to that folder with `exec` and `rw` permission. So maybe you know some special rights-associated files or folders I forgot, but I think the problem is something else...
After reading that some of the [Linux-on-Android project-users](http://forum.xda-developers.com/showthread.php?t=1585009) had some trouble with executing the `init.sh` because of selinux, I set it to permissive:

```
root@C6903:/ # setenforce 0
```

and checked it:

```
root@C6903:/ # getenforce
Permissive
```
(Of course) chroot does not work. So I checked the message buffer of the kernel for selinux-avc-deny-messages and BINGO:
```
root@C6903:/ # dmesg | grep denied
...
[58575.652383] type=1400 audit(1470337082.042:10188): avc: denied { read } for pid=18553 comm="busybox" name="mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
[58575.653740] type=1400 audit(1470337082.042:10189): avc: denied { open } for pid=18553 comm="busybox" name="mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
[58575.655002] type=1400 audit(1470337082.042:10190): avc: denied { ioctl } for pid=18553 comm="busybox" path="/dev/block/mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
```
These are just 3. You can have some more if you want! So 1. QUESTION:
**Why does selinux deny something when getenforce returns Permissive???**
But I thought first that this could be fixed anyway by allowing all these denied permissions with:

```
supolicy --live "allow source_class target_class permission_class permission"
```

FOR EXAMPLE:

```
root@C6903:/ # supolicy --live "allow ric rootfs file execute_no_trans"
```

which returns:

```
Patching policy ...
-allow:ric:rootfs:file:execute_no_trans=ok
- Success
```
Well (of course) it did not work AND I get a denied message for the exact same case for a bunch of cases. So 2. QUESTION:
**Why does allowing policies not change policies to be allowed???**
(Of course) I am not 100% sure if the denial of executing `chroot` is related to selinux, and it would be very easy to find out if I could just set it to permissive.... So 3. QUESTION:
**How to solve this problem?**
In [Graeme Hill's Dev Blog](http://graemehill.ca) article [Compiling a permissive Android kernel](http://graemehill.ca/compiling-permissive-android-kernel/) he says:

> There is a command called setenforce which toggles modes, and there are some apps on the Google Play store which do the same thing, but none of them will work until we modify the kernel.
4. Question:
**Is that related to every device with Android 5.X or differs from manufacturers?**
Asked by goulashsoup
(203 rep)
Aug 5, 2016, 12:51 PM
Last activity: May 14, 2024, 11:42 PM
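The AVC lines quoted in the question carry everything needed to see what was actually denied: the source domain (`scontext`), the target type (`tcontext`), the object class and the permission. The script below is an added example, not code from the question or from supolicy; it parses those three lines (embedded as constructed sample input), groups the denials, and checks whether a rule written in the `allow source target class permission` form used above would even match them. Running it shows that `allow ric rootfs file execute_no_trans` covers none of the logged denials, which are all `ric` on `block_device` `blk_file` objects.

```python
import re
from collections import defaultdict

# Constructed sample input: the three AVC denials quoted in the question.
SAMPLE_DMESG = """\
[58575.652383] type=1400 audit(1470337082.042:10188): avc: denied { read } for pid=18553 comm="busybox" name="mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
[58575.653740] type=1400 audit(1470337082.042:10189): avc: denied { open } for pid=18553 comm="busybox" name="mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
[58575.655002] type=1400 audit(1470337082.042:10190): avc: denied { ioctl } for pid=18553 comm="busybox" path="/dev/block/mmcblk0p23" dev="tmpfs" ino=9821 scontext=u:r:ric:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file op_res=0 ppid=4602 pcomm="ric" tgid=4602 tgcomm="ric"
"""

# Matches the permission set plus the three context fields of an AVC denial.
AVC_RE = re.compile(
    r'avc: denied \{ (?P<perms>[^}]+) \} for .*?'
    r'scontext=(?P<scontext>\S+) tcontext=(?P<tcontext>\S+) tclass=(?P<tclass>\S+)'
)

def parse_denials(text):
    """Return one dict per AVC denial line: source domain, target type, class, perms."""
    out = []
    for line in text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue
        out.append({
            "source": m.group("scontext").split(":")[2],  # u:r:ric:s0 -> ric
            "target": m.group("tcontext").split(":")[2],  # u:object_r:block_device:s0 -> block_device
            "tclass": m.group("tclass"),
            "perms": set(m.group("perms").split()),
        })
    return out

def summarize(denials):
    """Group denials by (source, target, class) and merge the denied permissions."""
    grouped = defaultdict(set)
    for d in denials:
        grouped[(d["source"], d["target"], d["tclass"])] |= d["perms"]
    return dict(grouped)

def rule_covers(rule, denial):
    """True if an 'allow src tgt class perm' rule (supolicy syntax) matches this denial."""
    kw, src, tgt, cls, perm = rule.split()
    if kw != "allow":
        raise ValueError("only 'allow' rules are handled")
    return (src, tgt, cls) == (denial["source"], denial["target"], denial["tclass"]) \
        and perm in denial["perms"]

if __name__ == "__main__":
    denials = parse_denials(SAMPLE_DMESG)
    for (src, tgt, cls), perms in summarize(denials).items():
        print("denied: %s -> %s %s { %s }" % (src, tgt, cls, " ".join(sorted(perms))))
    rule = "allow ric rootfs file execute_no_trans"  # the rule loaded in the question
    hits = sum(rule_covers(rule, d) for d in denials)
    print("%r matches %d of %d logged denials" % (rule, hits, len(denials)))
```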