I am looking for a way to modify /sepolicy (found in boot.img) for the purpose of installing a service. For security reasons, I don't want to install additional apps (Magisk or whatever). I want to modify the sepolicy on a computer and push the files directly using adb.
A popular tool called 'sepolicy-inject' does not work properly when trying to add a new domain (throws a segmentation fault). Rebuilding Replicant from source didn't work either (as reported in an issue).
How do you do this, please?