Currently, init.b2g.rc has oom-msg-logger running as uid=shell gid=system. Even though /proc/kmsg has the following permissions: -r--r----- root system 0 2013-11-15 19:10 kmsg Trying to read from /proc/kmsg while running as non-root yields: /system/bin/oom-msg-logger[13]: can't open /proc/kmsg: Operation not permitted It turns out that you need to have the CAP_SYSLOG capability to open /proc/kmsg. The documentation from android'd init.rc language says this: user <username> Change to username before exec'ing this service. Currently defaults to root. (??? probably should default to nobody) Currently, if your process requires linux capabilities then you cannot use this command. You must instead request the capabilities in-process while still root, and then drop to your desired uid. so basically, there is no way to even assign the capability unless you're root. So this change makes oom-msg-logger run as root. I'm going to file a followup bug that will suggest rewriting oom-msg-logger in C or C++ so that it can start as root, and give itself the CAP_SYSLOG capability and then set its uid/gid down to shell/system.

Comment on attachment 833300 [details] [diff] [review] 0001-Bug-939370-Make-oom-msg-logger-run-as-root-so-that-i.patch Thanks for figuring this out.