Scribd
Upload
108 views2 pages

Logcat Events

The document contains log entries from an auditd system log. It records events like policy loading, permission denials, process activity monitoring and notification events. Specifically it logs: - Loading of audit rules and switching to enforcing mode. - Denials of write permissions to debugfs files and search permissions to directories. - Process and memory usage statistics reported by am_pss and am_proc tools. - Additional permission denials when applications try to access restricted files and directories. - Notification events like cancelling and enqueueing from various applications.

Uploaded by

Inggrit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
108 views2 pages

Logcat Events

The document contains log entries from an auditd system log. It records events like policy loading, permission denials, process activity monitoring and notification events. Specifically it logs: - Loading of audit rules and switching to enforcing mode. - Denials of write permissions to debugfs files and search permissions to directories. - Process and memory usage statistics reported by am_pss and am_proc tools. - Additional permission denials when applications try to access restricted files and directories. - Notification events like cancelling and enqueueing from various applications.

Uploaded by

Inggrit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

05-02 17:18:20.170 207 207 I auditd : type=1403 audit(0.

0:2): policy loaded


auid=4294967295 ses=4294967295
05-02 17:18:20.170 207 207 I auditd : type=1404 audit(0.0:3): enforcing=1
old_enforcing=0 auid=4294967295 ses=4294967295
05-02 17:18:21.150 1 1 I auditd : type=1400 audit(0.0:4): avc: denied
{ write } for comm="init" name="trace_marker" dev="debugfs" ino=3085
scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
05-02 17:18:57.990 1 1 I auditd : type=1400 audit(0.0:5): avc: denied
{ write } for comm="init" name="trace_marker" dev="debugfs" ino=3085
scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
05-02 18:08:20.392 1637 10076 I metrics_heartbeat: []
05-02 18:55:45.159 1113 1113 I notification_cancel:
[10191,4474,com.whatsapp,1,KOtVCnPRjcetFZ/PyhH8zvAk+bhI5EGLDH2iM+x7dRE=
05-02 18:55:45.159 1113 1113 I notification_cancel: ,0,0,1088,8,NULL]
05-03 02:17:37.018 1637 28461 I metrics_heartbeat: []
05-03 04:05:39.762 8114 8114 I auditd : type=1400 audit(0.0:25995): avc: denied
{ search } for comm="lowpool[601]" name="theme" dev="mmcblk0p22" ino=24529
scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:coolshow_theme_file:s0
tclass=dir permissive=0
05-03 04:05:39.772 8114 8114 I auditd : type=1400 audit(0.0:25996): avc: denied
{ search } for comm="lowpool[601]" name="theme" dev="mmcblk0p22" ino=24529
scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:coolshow_theme_file:s0
tclass=dir permissive=0
05-03 09:42:22.260 1113 1135 I am_pss :
[22340,10097,com.UCMobile.intl:resident,30925824,29634560,101376]
05-03 09:42:22.313 1113 1135 I am_pss :
[1866,10022,com.cloudsx.android.coreservice,8889344,6533120,1523712]
05-03 09:42:22.365 1113 1135 I am_pss :
[1850,10041,com.dc.geek,4859904,1675264,2555904]
05-03 09:42:22.417 1113 1135 I am_pss :
[1672,10080,com.qiku.configcenter,7819264,3325952,3757056]
05-03 09:42:22.470 1113 1135 I am_pss :
[1621,1000,com.qiku.logsystem,18641920,15466496,1653760]
05-03 09:42:22.526 1113 1135 I am_pss :
[1403,1001,com.mediatek.wfo.impl,5301248,3268608,1300480]
05-04 01:32:00.000 1991 1991 I auditd : type=1400 audit(0.0:62556): avc: denied
{ search } for comm="launcher-loader" name="zram0" dev="sysfs" ino=7871
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:sysfs_zram:s0 tclass=dir
permissive=0
05-04 01:32:00.000 1991 1991 I auditd : type=1400 audit(0.0:62557): avc: denied
{ search } for comm="launcher-loader" name="zram0" dev="sysfs" ino=7871
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:sysfs_zram:s0 tclass=dir
permissive=0
05-04 04:07:01.059 1113 1113 I notification_cancel:
[10191,10666,com.whatsapp,1,Y1zyws0OspZPui6fsNMwgBx2eizFPYaN00hH5+lGn1s=
05-04 04:07:01.059 1113 1113 I notification_cancel: ,0,0,1088,8,NULL]
05-04 10:22:32.333 1113 1113 I am_proc_start:
[0,24532,10368,com.zlook.zw2f0,service,com.zlook.zw2f0/abc.stone.keeplive.service.M
ainJobService]
05-04 10:22:32.352 1113 4047 I am_proc_bound: [0,24532,com.zlook.zw2f0]
05-04 10:22:32.380 24532 24532 I auditd : type=1400 audit(0.0:80822): avc: denied
{ search } for comm="com.zlook.zw2f0" name="theme" dev="mmcblk0p22" ino=24529
scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:coolshow_theme_file:s0
tclass=dir permissive=0
05-04 10:22:32.380 24532 24532 I auditd : type=1400 audit(0.0:80823): avc: denied
{ search } for comm="com.zlook.zw2f0" name="theme" dev="mmcblk0p22" ino=24529
scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:coolshow_theme_file:s0
tclass=dir permissive=0
05-04 10:22:32.872 1113 1113 I notification_enqueue:
[10368,24532,com.zlook.zw2f0,13610,NULL,0,Notification(pri=0
contentView=com.zlook.zw2f0/0x1090093 vibrate=[0] sound=null defaults=0x0
flags=0x50 color=0x00000000 vis=PRIVATE),0]

You might also like