Open Radar

 
Summary:
My app includes a way for users to submit support tickets directly from the app. We try to include as much debugging information as possible so we can actually investigate and fix our users' technical issues.

We use the Apple System Log <asl> api to capture our own logging information. We use ASL_KEY_PID in our query so that we only capture log information for our process. This works great in our ad hoc release but fails in our App Store version because sandboxing makes all asl_search() calls return no results.

This means that we have no way to help our users short of directing them to try our ad hoc release, or roll our own logging system and stop using NSLog. Both of these options are undesirable.

It would be great if sandboxing allowed asl queries to go through when I'm querying my own PID, or if there was an entitlement I could adopt to make them work.

Steps to Reproduce:
Here is rough sample code:

#import <asl.h>

NSProcessInfo   *p = [NSProcessInfo processInfo];
NSString        *pidStr = [NSString stringWithFormat:@"%d", [p processIdentifier]];
const char      *pid = [pidStr UTF8String];
aslmsg          query = asl_new(ASL_TYPE_QUERY);

asl_set_query(query, ASL_KEY_PID, pid, ASL_QUERY_OP_EQUAL);

aslresponse     response = asl_search(NULL, query);

for (aslmsg entry = aslresponse_next(response); entry; entry = aslresponse_next(response))
{
    const char  *timestamp = asl_get(entry, ASL_KEY_TIME);
    const char  *logline = asl_get(entry, ASL_KEY_MSG);
}

asl_free(response);
asl_free(query);


Expected Results:
I expect that I should be able to read the console logs of my own process.

Actual Results:
All asl queries fail when sandboxed.