软件平台:Android11
硬件平台:QCS6125
需求:android启动后,默认后台记录logcat日志,并且设置每个文件大小为2M,最多记录30个文件,并且放置的data目录需要开放给app侧读取权限。
改动如下:
diff --git a/logcat/logcatd.rc b/logcat/logcatd.rc
index e19554a55..2fcdd2181 100755
--- a/logcat/logcatd.rc
+++ b/logcat/logcatd.rc
@@ -39,7 +39,7 @@ on property:logd.logpersistd.enable=true && property:logd.logpersistd=clear
setprop persist.logd.logpersistd ""
stop logcatd
# logd for clear of only our files in /data/misc/logd
- exec - logd log -- /system/bin/logcat -c -f /data/misc/logd/logcat -n ${logd.logpersistd.size:-256}
+ exec - logd log -- /system/bin/logcat -c -f /data/misc/logd/logcat -n ${logd.logpersistd.size:-30}
setprop logd.logpersistd ""
# stop logcatd service
@@ -52,7 +52,7 @@ on property:logd.logpersistd.enable=false
stop logcatd
# logcatd service
-service logcatd /system/bin/logcatd -L -b ${logd.logpersistd.buffer:-all} -v threadtime -v usec -v printable -D -f /data/misc/logd/logcat -r ${logd.logpersistd.rotate_kbytes:-2048} -n ${logd.logpersistd.size:-256} --id=${ro.build.id}
+service logcatd /system/bin/logcatd -L -b ${logd.logpersistd.buffer:-all} -v threadtime -v usec -v printable -D -f /data/misc/logd/logcat -r ${logd.logpersistd.rotate_kbytes:-2048} -n ${logd.logpersistd.size:-30} --id=${ro.build.id}
class late_start
#disabled
# logd for write to /data/misc/logd, log group for read from log daemon
diff --git a/logcat/logpersist b/logcat/logpersist
index 05b46f047..f37a0b83d 100755
--- a/logcat/logpersist
+++ b/logcat/logpersist
@@ -21,7 +21,7 @@ log_uid=logd
log_tag_property=persist.log.tag
data=/data/misc/logd/logcat
service=logcatd
-size_default=256
+size_default=30
buffer_default=all
args="${@}"
device目录添加app侧读取的selinux权限:
diff --git a/generic/vendor/common/system_app.te b/generic/vendor/common/system_app.te
index 9f74df79..50fdccc6 100755
--- a/generic/vendor/common/system_app.te
+++ b/generic/vendor/common/system_app.te
@@ -63,3 +63,7 @@ allow system_app vendor_sysfs_devicetree_soc:dir { search };
allow system_app ctl_dumpstate_prop:property_service set;
allow system_app dumpstate_socket:sock_file write;
allow system_app dumpstate:unix_stream_socket { connectto read getattr write setattr lock append getopt setopt shutdown listen accept };
+allow system_app misc_logd_file:dir { open read getattr setattr search };
+allow system_app misc_logd_file:file r_file_perms;
+allow system_app tombstone_data_file:dir r_dir_perms;
+allow system_app tombstone_data_file:file r_file_perms;
system目录相关添加:
diff --git a/prebuilts/api/30.0/private/logpersist.te b/prebuilts/api/30.0/private/logpersist.te
index ac324df88..118afcf28 100644
--- a/prebuilts/api/30.0/private/logpersist.te
+++ b/prebuilts/api/30.0/private/logpersist.te
@@ -24,6 +24,6 @@ neverallow logpersist {
userdebug_or_eng(`-misc_logd_file -coredump_file')
with_native_coverage(`-method_trace_data_file')
}:file { create write append };
-neverallow { domain -init -dumpstate -incidentd userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
-neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
-neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
+neverallow { domain -init -dumpstate -incidentd -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain -init -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
+neverallow { domain -init -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
diff --git a/private/logpersist.te b/private/logpersist.te
index ac324df88..118afcf28 100644
--- a/private/logpersist.te
+++ b/private/logpersist.te
@@ -24,6 +24,6 @@ neverallow logpersist {
userdebug_or_eng(`-misc_logd_file -coredump_file')
with_native_coverage(`-method_trace_data_file')
}:file { create write append };
-neverallow { domain -init -dumpstate -incidentd userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
-neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
-neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
+neverallow { domain -init -dumpstate -incidentd -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
+neverallow { domain -init -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
+neverallow { domain -init -system_app userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
Mark一下,编译验证调试~