Debugging init via logwrapper not supported?
415 views
Skip to first unread message
Chih-Wei Huang
Sep 20, 2017, 12:10:04 PM9/20/17
to android-platform
On porting Android 8.0, I'm trying to put my service under logwrapper
as suggested by system/core/init/README.md:
Debugging init
--------------
By default, programs executed by init will drop stdout and stderr into
/dev/null. To help with debugging, you can execute your program via the
Android program logwrapper. This will redirect stdout/stderr into the
Android logging system (accessed via logcat).
For example
service akmd /system/bin/logwrapper /sbin/akmd
However, it doesn't work since no selinux domain defined:
[ 1.232577] context: exec 1 (/system/bin/logwrapper) does not have a SELinux domain defined
Then I tried to add a SELinux domain for logwrapper like:
type logwrapper, domain;
type logwrapper_exec, exec_type, file_type;
init_daemon_domain(logwrapper)
However, it can't compile:
FAILED: out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.bin
/bin/bash -c "(out/host/linux-x86/bin/checkfc out/target/product/x86_64/obj/ETC/sepolicy_intermediates/sepolicy out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp ) && (out/host/linux-x86/bin/sefcontext_compile -o out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.bin out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp )"
out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp: Multiple different specifications for /system/bin/logwrapper (u:object_r:logwrapper_exec:s0 and u:object_r:system_file:s0).
Error: could not load context file from out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp
Can't I define a SELinux domain for logwrapper?
If so then debugging via logwrapper is not supported now?
as suggested by system/core/init/README.md:
Debugging init
--------------
By default, programs executed by init will drop stdout and stderr into
/dev/null. To help with debugging, you can execute your program via the
Android program logwrapper. This will redirect stdout/stderr into the
Android logging system (accessed via logcat).
For example
service akmd /system/bin/logwrapper /sbin/akmd
However, it doesn't work since no selinux domain defined:
[ 1.232577] context: exec 1 (/system/bin/logwrapper) does not have a SELinux domain defined
Then I tried to add a SELinux domain for logwrapper like:
type logwrapper, domain;
type logwrapper_exec, exec_type, file_type;
init_daemon_domain(logwrapper)
However, it can't compile:
FAILED: out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.bin
/bin/bash -c "(out/host/linux-x86/bin/checkfc out/target/product/x86_64/obj/ETC/sepolicy_intermediates/sepolicy out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp ) && (out/host/linux-x86/bin/sefcontext_compile -o out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.bin out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp )"
out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp: Multiple different specifications for /system/bin/logwrapper (u:object_r:logwrapper_exec:s0 and u:object_r:system_file:s0).
Error: could not load context file from out/target/product/x86_64/obj/ETC/file_contexts.bin_intermediates/file_contexts.concat.tmp
Can't I define a SELinux domain for logwrapper?
If so then debugging via logwrapper is not supported now?
Tom Cherry
Sep 20, 2017, 2:31:42 PM9/20/17
to android-platform
There is an option for services, `seclabel` that allows you to specify the SELinux domain for the service. Could you find the correct selabel for your /sbin/akmd service and provide that to the seclabel option for your logwrapper version of the service? That should solve this problem.
I'll update the documentation for this.
Tom
Reply all
Reply to author
Forward
0 new messages