My usecase is really simple, I want to create a system app which starts a Service. (I'm new to custom-rom development)
To do so I've added: android:sharedUserId="android.uid.system" in my AndroidManifest.xml. As of now I'm still using an official Android version in my emulator (which is probably why I'm getting this issue)
I start my service with:
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) context.startForegroundService(service);
else context.startService(service);
Unfortunately the service doesn't start and I get the following error:
Calling a method in the system process without a qualified user:
android.app.ContextImpl.startForegroundService:1466
android.content.ContextWrapper.startForegroundService:649
EDIT: When looking to the source file the warn comes from the startForegroundService which does:
@Override
public ComponentName startService(Intent service) {
warnIfCallingFromSystemProcess();
return startServiceAsUser(service, mUser);
}
EDIT2: After some more investigation, I think the issue comes from
type=1400 audit(0.0:31): avc: denied { create } for name="mgmtsocket" scontext=u:r:system_app:s0 tcontext=u:object_r:system_app_data_file:s0 tclass=sock_file permissive=0
EDIT3: More informations:
- I'm testing against a rooted emulator which runs on Android 8 API 26 (official version)
- I've signed my app using the AOSP key from this and using the following command line
apksigner sign --key platform.pk8 --cert platform.x509.pem filename.apk - Concerning my permissions and service I have:
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<service
android:name=".MyService"
android:permission="android.permission.BIND_VPN_SERVICE"
android:exported="false">
<intent-filter>
<action android:name="android.net.VpnService" />
</intent-filter>
</service>