Dear Google.
I have a question for logwrapper on M OS.
It looks that we cannot use logwrapper on M OS, could you give a guide for it ?
Please correct me if I'm wrong.
We can not use logwrapper service on M OS because of init Neverallow Rule.
AOSP file context : /system/bin/logwrapper u:object_r:system_file:s0
Vendor init.rc: service AAA /system/bin/logwrapper /system/bin/AAA
Vendor file_context and policy
: /system/bin/AAA u:object_r:AAA_exec:s0
init_daemon_domain(AAA)
The other problem is that vendor cannot change the aosp file_context due to new CTS,testAospFileContexts
Do you like not to use "service logwrapper ..." ? or only use at eng binary ?
- Neverallow Rule
# init should never execute a program without changing to another domain.
neverallow init { file_type fs_type }:file execute_no_trans;
AOSP file context : /system/bin/logwrapper u:object_r:system_file:s0
Thanks, Kukjin.
|
|
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
