aboutsummaryrefslogtreecommitdiffstats
path: root/init
Commit message (Collapse)AuthorAgeFilesLines
* ueventd: allow platform devices to have just a /devices/ prefix - DO NOT MERGEDima Zavin2013-09-051-39/+44
| | | | | | | | | | | | | | When using device tree, platform devices may not have a /devices/platform/ path prefix, but can be rooted in /devices/. Modify the platform device tracking code to store the device path as well as the name. This way, when we create symlinks, we can correctly skip the base platform device prefix and get to the proper device node path. Change-Id: I939ef8fbcb45c5c803cd9a054e40136a912efc72 Signed-off-by: Dima Zavin <dima@android.com>
* Fix building without SELINUXRicardo Cerqueira2013-07-181-1/+1
| | | | | | | since the scon is now a mandatory arg, it needs to exist even if NULL Change-Id: I8ba31a7a8cf357e9b0c43cee81ab49d3eb192819
* Add support for socket security context specification.Stephen Smalley2013-07-187-16/+25
| | | | | | | | | | | | | | | | | | | | | | | Add an optional argument to the socket option for specifying a SELinux security context for the socket. Normally the socket security context is automatically computed from the service security context or set using the seclabel option, but this facility allows dealing with two scenarios that cannot be addressed using the existing mechanisms: 1) Use of logwrapper to wrap a service. In this case, init cannot determine the service security context as it does not directly execute it and we do not want logwrapper to run in the same domain as the service. 2) Situations where a service has multiple sockets and we want to label them distinctly. Change-Id: I7ae9088c326a2140e56a8044bfb21a91505aea11 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Conflicts: init/init.c init/util.c
* Create a new location for /data policy filesWilliam Roberts2013-07-182-2/+2
| | | | | | | | | | Updating the location of policy files from /data/system to /data/securtiy. Requires a new directory to be created by init and an update to the location of the property_contexts file for property service. Change-Id: Ibac2a84dfb403339bd169787cb5b7f24655be429
* Change setsebool syntax to be consistent with other init built-ins.Stephen Smalley2013-07-183-24/+19
| | | | | | | | | | | | | Change setsebool syntax from name=value to name value. This is to make it consistent with setprop and similar commands. Update both the init built-in command and the toolbox command for consistency. Change-Id: I2c8e016ba26731c4a2ad4a49ae3b89362bf8f8a8 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Conflicts: init/builtins.c
* Label sockets consistently with the seclabel value if specified.Stephen Smalley2013-07-181-19/+27
| | | | | | | | This is necessary to ensure that the adbd socket is created in the adbd domain rather than the init domain. Change-Id: Id4997d7f074aeefea62b41c87b46a6609e03f527 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* Add persist.mac_enforcing_mode propertyBob Craig2013-07-181-0/+1
| | | | | Conflicts: init/property_service.c
* Document the SELinux extensions to the Android init language.Stephen Smalley2013-07-181-0/+26
| | | | | Change-Id: I9b066e0789c93e5147c28a60baeed91c44dd9359 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* Add support for -R (recurse) to init chown builtin.Stephen Smalley2013-07-182-2/+44
| | | | | | | | | This is helpful for setting ownerships on entire directory trees, such as sysfs and selinuxfs, particularly when the precise set of files is dynamically generated at runtime. Change-Id: I81070ea36fd7ffcab4ee8b3ef1bb0028d4b7839c Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* init: fix indentation and tabGiulio Cervera2013-05-211-15/+15
| | | | Change-Id: Ia832ab4df5d955b2fa2b791baf9444aca21c2571
* Revert "init: allow media to set persist.camera property"Daniel Hillenbrand2013-05-101-1/+0
| | | | | | | | !!! PROPERTY_PERMS_APPEND !!! This reverts commit 49506dc95cabe45332a34f9ce594a3115c4428ee Change-Id: I815f0145845336834f9022ceba25527c47a9bd5c
* init: allow media to set persist.camera propertyDaniel Hillenbrand2013-05-101-0/+1
| | | | Change-Id: Ife28c39da107b53b9c497be9fcbad3159031b8fe
* init: Check for symlinks with lstat() not open()Andrew Dodd2013-02-271-30/+16
| | | | | | | | | | | | | | | | | Using open() with an O_NOFOLLOW flag will result in a file falsely being determined to be a symlink if the open fails for another reason. For example, a character device that isn't ready due to the underlying hardware not being initialized yet will fail to open() An example of this are any CG2900 device files prior to execution of ste-cg29xx_ctrl This uses lstat() instead of open() with O_NOFOLLOW to check whether a file is a symlink or not. Change-Id: Ie0d8d94b426c84c29b1b04d41a4cc15536cb307c
* Init: Allow building of init that is compatible with second init bootdhacker292013-01-262-0/+10
| | | | | | | | | When using second init init has already set up /dev /proc, etc this will prevent duplicate mount points for those Define BOARD_USE_NO_DEVFS_SETUP := true to use Change-Id: I5620664b32e08f39da7ef7c7f9c3824d01f930d6 Signed-off-by: dhacker29 <davidhackerdvm@gmail.com>
* Set ANDROID_PROPERTY_WORKSPACE in exec.Steve Kondik2012-12-131-1/+7
| | | | Change-Id: Ib827bf14b4463ca6277b79256bcc4cd70f63fc31
* Revert "init: Never allow two same-service processes to exist simultaneously."Steve Kondik2012-12-074-38/+15
| | | | | | | | | | | | This reverts commit abe57d0b4e994e31eb31ec98dfa6d4b74e29502e. Revert "Restart oneshot services when manually restarted." This reverts commit e889a4746b6f3cd1c6749312c255b14eedc5f778. Revert "Safely restart services to avoid race conditions." This reverts commit 9d1a567eb0d6ac8d0040228e7c41668c8e3eb37e.
* init: Bring back support for arbitrary chargermode cmdlinesRicardo Cerqueira2012-12-011-0/+15
| | | | | | | | This was accidentally removed while debugging the init breakage fixed in change I8ef5c932efcd5e7f8d6f6fce0915683d84c3ee11. Put it back Change-Id: If35b9d5db281f8aab6de26f2bb63717d28b2db30
* Deprecate distinct boot paths for androidboot.emmcRicardo Cerqueira2012-11-192-20/+11
| | | | | | | | Qualcomm used to require a "on emmc-fs" to distinguish multi-boot devices, in replacement of the usual "on fs". This distinction has been deprecated in jb, and it's breaking mako Change-Id: I8ef5c932efcd5e7f8d6f6fce0915683d84c3ee11
* init: Add support for properties expansion in exec commandDavid Ng2012-11-191-0/+19
| | | | | | | | Add Android properties expansion to 'exec' arguments. E.g. exec /system/bin/log ${sys.usb.config} CRs-Fixed: 390942 Change-Id: Ie520396d951e578bd9f591734a45d2f460b8f51d
* Add support for exec command in init scripts.Shashank Mittal2012-11-191-1/+27
| | | | Change-Id: Iee523fd75410718f0bd090f5fdcba50825a698c4
* Revert "init: Implement exec support"Ricardo Cerqueira2012-11-191-35/+1
| | | | | | This reverts commit 2f0ed0d3ced82e53b1fc1f994c6bd3e97683264c. Change-Id: Ia0754c913da3d20c4e0c207ca479c043d394944e
* Revert "init: Add support for properties expansion in exec command"Ricardo Cerqueira2012-11-191-20/+0
| | | | This reverts commit 590e70506cab66bd6b41adfd15ef09bb42df2953.
* Revert "init: Check for symlinks with lstat() not open()"Ricardo Cerqueira2012-11-191-16/+30
| | | | This reverts commit f3e86113ceae0e58735ca99754d77b1b9d1a83b5.
* Merge branch 'jb-mr1-release' of ↵Steve Kondik2012-11-1813-172/+409
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://android.googlesource.com/platform/system/core into mr1 Conflicts: adb/Android.mk adb/usb_vendors.c include/private/android_filesystem_config.h include/system/audio.h include/system/camera.h init/property_service.c libnetutils/ifc_utils.c mkbootimg/mkbootimg.c rootdir/init.rc Change-Id: Ie42f0c14808e9f8cabd24854bfe15b6667955229
| * init: Set ADDR_COMPAT_LAYOUT before spawning processes.Nick Kralevich2012-10-051-0/+16
| | | | | | | | | | | | | | | | | | Some Android programs have problems with memory which grows from the top down. Temporarily set ADDR_COMPAT_LAYOUT to avoid breaking those programs. Bug: 7188322 Change-Id: I61760500e670b4563838c63b82d4a0b6e354a86e
| * init: Don't read local properties if ro.debuggable=0Nick Kralevich2012-09-191-6/+12
| | | | | | | | | | Bug: 7195965 Change-Id: I29fdad61aa61f2c46d49db227cf7b84d9cc6f25d
| * am 3af04b71: am 7c386a61: Merge "Extend and document the "wait" command"Jean-Baptiste Queru2012-08-202-2/+9
| |\ | | | | | | | | | | | | * commit '3af04b71e51e89af02a1fe526e4fc32dce0100d3': Extend and document the "wait" command
| | * Merge "Extend and document the "wait" command"Jean-Baptiste Queru2012-08-202-2/+9
| | |\
| | | * Extend and document the "wait" commandPatrick McCormick2012-07-242-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The wait command was currently implemented but undocumented and only used internally. This change adds a second option toi (optionally) override the default timeout of 5 seconds. The wait command can be used to wait for a file to appear during the boot process, for example a disk or other device, and is a better alternative than an unconditional sleep. Change-Id: Ia11d8419c0ea84deec0e1bf5adfca5bc76ff38b7 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
| * | | am e3bdaeb6: am 2765e4fb: Merge "Use sigemptyset to initialise signal mask ↵Jean-Baptiste Queru2012-08-151-3/+1
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | as it is more portable. Referencing sa_restorer fails on MIPS" * commit 'e3bdaeb603ab7ac941b35b41856c6b8ebf47c6bb': Use sigemptyset to initialise signal mask as it is more portable. Referencing sa_restorer fails on MIPS
| | * | Use sigemptyset to initialise signal mask as it is more portable.Chris Dearman2012-08-141-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Referencing sa_restorer fails on MIPS Change-Id: I81c9ed5ef027a9d5258942ffcecb96e3f787e93c Signed-off-by: Chris Dearman <chris@mips.com>
| * | | Merge "bluetooth: bring up with bluedroid stack" into jb-mr1-devIliyan Malchev2012-08-151-1/+1
| |\ \ \
| | * | | bluetooth: bring up with bluedroid stackJeonghoon lim2012-08-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - change permission of "bluetooth." property to AID_BLUETOOTH Change-Id: Ifcd97f136cfc3372412fe500e4f800d1bbbd065c
| * | | | init: Fix mkdir command when using ISUID or ISGID bitBenoit Goby2012-08-141-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On first boot, the directory is created with root:root ownership and then chowned. chown clears the ISUID and ISGID bits, so we need to chmod the directory again after chown. Change-Id: I02dfe7a19a637678256b4e7cc09e6b5431e6f11e
| * | | | Merge "Support shared-subtree and bind mount flags." into jb-mr1-devJeff Sharkey2012-08-141-0/+6
| |\ \ \ \ | | |/ / / | |/| | |
| | * | | Support shared-subtree and bind mount flags.Jeff Sharkey2012-08-141-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | Bug: 6925012 Change-Id: Id8d887d17c6b1b2f90cfd1a1de991ccaba730b7d
| * | | | am ee0d281a: am c95c15b1: Merge "Char device /dev/dri/card0 was not created ↵Jean-Baptiste Queru2012-08-141-0/+3
| |\ \ \ \ | | |/ / / | |/| / / | | |/ / | | | | | | | | | | | | during startup." * commit 'ee0d281a3e5fe611bdda23db18fa0e5684ee43ed': Char device /dev/dri/card0 was not created during startup.
| | * | Merge "Char device /dev/dri/card0 was not created during startup."Jean-Baptiste Queru2012-08-141-0/+3
| | |\ \
| | | * | Char device /dev/dri/card0 was not created during startup.Lukasz Anaczkowski2012-07-231-0/+3
| | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | This device is required by libdrm for GPUs like IvyBridge. Change-Id: I0ac47056a9cec2100f3e6eaa5591571fe6bbc145 Signed-off-by: Lukasz Anaczkowski <lukasz.anaczkowski@intel.com> Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
| * | | am 11c783f1: am 9494f297: Merge "Implement SELinux/MAC checks for property ↵Kenny Root2012-08-133-11/+123
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | service." * commit '11c783f1ead9f276e8854cb1adaebeed8517e8a1': Implement SELinux/MAC checks for property service.
| | * | Implement SELinux/MAC checks for property service.rpcraig2012-08-093-11/+123
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a set of changes to the init property service implementation to apply a SELinux check over who can change what properties. Also included control hooks for the 'ctl' keys. Change-Id: I5a18809bf5536f6459a36b6bf0d622b9f5061aa0 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
| * | | resolved conflicts for merge of 4dcd52ab to jb-mr1-devKenny Root2012-08-134-91/+38
| |\| | | | | | | | | | | | | | Change-Id: Ibd0c03a7883a2e31adab18543c016776b7b36866
| | * | Add support for reloading policy from /data/system.Stephen Smalley2012-08-094-91/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To support runtime policy management, add support for reloading policy from /data/system. This can be triggered by setting the selinux.loadpolicy property to 1, whether from init.rc after mounting /data or from the system_server (e.g. upon invocation of a new device admin API for provisioning policy). ueventd and installd are restarted upon policy reloads to pick up the new policy configurations relevant to their operation. Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
| * | | am f442cf27: am b3a5343e: Merge "Fixed a discarded const qualifier warning"Stephen Hines2012-08-081-1/+1
| |\| | | | | | | | | | | | | | | | | | * commit 'f442cf27c5d1229eb32973cb499578ccd63ba727': Fixed a discarded const qualifier warning
| | * | Merge "Fixed a discarded const qualifier warning"Stephen Hines2012-08-081-1/+1
| | |\ \
| | | * | Fixed a discarded const qualifier warningEdwin Vane2012-08-021-1/+1
| | | |/ | | | | | | | | | | | | | | | | | | | | Change-Id: I9007924d0bf49705363aa130e6e588a9e0ccdc31 Author: Edwin Vane <edwin.vane@intel.com> Reviewed-by: Tareq A Siraj <tareq.a.siraj@intel.com>
| * | | am faad67fa: am ef3f7fa3: Merge "Set the SELinux security label on new ↵Jean-Baptiste Queru2012-08-085-45/+62
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | directories." * commit 'faad67fac68642ca039fe5c29099acebf546f5ee': Set the SELinux security label on new directories.
| | * | Merge "Set the SELinux security label on new directories."Jean-Baptiste Queru2012-08-085-45/+62
| | |\ \ | | | |/ | | |/|
| | | * Set the SELinux security label on new directories.Stephen Smalley2012-07-265-45/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatically set the SELinux security label on directories created by init.rc. This avoids the need to separately call restorecon on each such directory from the init.rc file. Also restorecon /dev and /dev/socket after initial policy load so that they are labeled correctly before any other dev nodes or sockets are created. Change-Id: If6af6c4887cdead949737cebdd673957e9273ead Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
| | | * init: Fix chown and chmod for write-only filesBenoit Goby2012-05-041-2/+13
| | | | | | | | | | | | | | | | Change-Id: I570b631ced11ab104aafe7ebfe71bae4e380d8af
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-25 09:06:43 +0000