diff options
| author | Nick Kralevich <nnk@google.com> | 2013-10-10 12:38:44 -0700 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2013-10-10 12:38:44 -0700 |
| commit | aa4051dc4f90f987ba05269ce396d676571156e0 (patch) | |
| tree | 29f9730a4b5a1ab3e90460274aee6942ece88173 /init | |
| parent | 33d1e6294f609c4f417905239bd5a086f3ef880f (diff) | |
| parent | 2f924ebe0b0891dba1996c246839427b23705018 (diff) | |
| download | system_core-aa4051dc4f90f987ba05269ce396d676571156e0.tar.gz system_core-aa4051dc4f90f987ba05269ce396d676571156e0.tar.bz2 system_core-aa4051dc4f90f987ba05269ce396d676571156e0.zip | |
am 2f924ebe: am a94d2b39: Merge "Add a restorecon_recursive built-in command to init."
* commit '2f924ebe0b0891dba1996c246839427b23705018':
Add a restorecon_recursive built-in command to init.
Diffstat (limited to 'init')
| -rw-r--r-- | init/builtins.c | 16 | ||||
| -rw-r--r-- | init/init_parser.c | 1 | ||||
| -rw-r--r-- | init/keywords.h | 2 | ||||
| -rw-r--r-- | init/readme.txt | 8 |
4 files changed, 24 insertions, 3 deletions
diff --git a/init/builtins.c b/init/builtins.c index e8c8f9165..e2932d5d9 100644 --- a/init/builtins.c +++ b/init/builtins.c @@ -797,12 +797,24 @@ int do_chmod(int nargs, char **args) { int do_restorecon(int nargs, char **args) { int i; + int ret = 0; for (i = 1; i < nargs; i++) { if (restorecon(args[i]) < 0) - return -errno; + ret = -errno; } - return 0; + return ret; +} + +int do_restorecon_recursive(int nargs, char **args) { + int i; + int ret = 0; + + for (i = 1; i < nargs; i++) { + if (restorecon_recursive(args[i]) < 0) + ret = -errno; + } + return ret; } int do_setsebool(int nargs, char **args) { diff --git a/init/init_parser.c b/init/init_parser.c index 667c7ab5b..3f0838fe7 100644 --- a/init/init_parser.c +++ b/init/init_parser.c @@ -135,6 +135,7 @@ int lookup_keyword(const char *s) case 'r': if (!strcmp(s, "estart")) return K_restart; if (!strcmp(s, "estorecon")) return K_restorecon; + if (!strcmp(s, "estorecon_recursive")) return K_restorecon_recursive; if (!strcmp(s, "mdir")) return K_rmdir; if (!strcmp(s, "m")) return K_rm; break; diff --git a/init/keywords.h b/init/keywords.h index 5a44df356..97fe50cc8 100644 --- a/init/keywords.h +++ b/init/keywords.h @@ -17,6 +17,7 @@ int do_mount(int nargs, char **args); int do_powerctl(int nargs, char **args); int do_restart(int nargs, char **args); int do_restorecon(int nargs, char **args); +int do_restorecon_recursive(int nargs, char **args); int do_rm(int nargs, char **args); int do_rmdir(int nargs, char **args); int do_setcon(int nargs, char **args); @@ -71,6 +72,7 @@ enum { KEYWORD(powerctl, COMMAND, 1, do_powerctl) KEYWORD(restart, COMMAND, 1, do_restart) KEYWORD(restorecon, COMMAND, 1, do_restorecon) + KEYWORD(restorecon_recursive, COMMAND, 1, do_restorecon_recursive) KEYWORD(rm, COMMAND, 1, do_rm) KEYWORD(rmdir, COMMAND, 1, do_rmdir) KEYWORD(seclabel, OPTION, 0, 0) diff --git a/init/readme.txt b/init/readme.txt index 1e8c3920d..42a09cb82 100644 --- a/init/readme.txt +++ b/init/readme.txt @@ -192,12 +192,18 @@ mount <type> <device> <dir> [ <mountoption> ]* device by name. <mountoption>s include "ro", "rw", "remount", "noatime", ... -restorecon <path> +restorecon <path> [ <path> ]* Restore the file named by <path> to the security context specified in the file_contexts configuration. Not required for directories created by the init.rc as these are automatically labeled correctly by init. +restorecon_recursive <path> [ <path> ]* + Recursively restore the directory tree named by <path> to the + security contexts specified in the file_contexts configuration. + Do NOT use this with paths leading to shell-writable or app-writable + directories, e.g. /data/local/tmp, /data/data or any prefix thereof. + setcon <securitycontext> Set the current process security context to the specified string. This is typically only used from early-init to set the init context |