summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChia-chi Yeh2009-06-19 01:59:08 -0500
committerChia-chi Yeh2009-06-19 02:53:28 -0500
commit88dc657d50cb3289a9011828c497eee996ed958c (patch)
tree8d703a2e08d9dbe206cd5fdadeb535672252a6d5
parentabd54c1b78983ce425250dba137e203b7020637e (diff)
downloadplatform-system-core-88dc657d50cb3289a9011828c497eee996ed958c.tar.gz
platform-system-core-88dc657d50cb3289a9011828c497eee996ed958c.tar.xz
platform-system-core-88dc657d50cb3289a9011828c497eee996ed958c.zip
Add device, property, directory, and file permissions for VPN.
-rw-r--r--include/private/android_filesystem_config.h10
-rw-r--r--init/devices.c3
-rw-r--r--init/property_service.c2
3 files changed, 9 insertions, 6 deletions
diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h
index 459062682..6ba574b12 100644
--- a/include/private/android_filesystem_config.h
+++ b/include/private/android_filesystem_config.h
@@ -62,6 +62,7 @@
62#define AID_NET_BT 3002 /* bluetooth: create sco, rfcomm or l2cap sockets */ 62#define AID_NET_BT 3002 /* bluetooth: create sco, rfcomm or l2cap sockets */
63#define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */ 63#define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */
64#define AID_NET_RAW 3004 /* can create raw INET sockets */ 64#define AID_NET_RAW 3004 /* can create raw INET sockets */
65#define AID_NET_ADMIN 3005 /* can configure interfaces and routing tables. */
65 66
66#define AID_MISC 9998 /* access to misc storage */ 67#define AID_MISC 9998 /* access to misc storage */
67#define AID_NOBODY 9999 68#define AID_NOBODY 9999
@@ -101,6 +102,7 @@ static struct android_id_info android_ids[] = {
101 { "keystore", AID_KEYSTORE, }, 102 { "keystore", AID_KEYSTORE, },
102 { "inet", AID_INET, }, 103 { "inet", AID_INET, },
103 { "net_raw", AID_NET_RAW, }, 104 { "net_raw", AID_NET_RAW, },
105 { "net_admin", AID_NET_ADMIN, },
104 { "misc", AID_MISC, }, 106 { "misc", AID_MISC, },
105 { "nobody", AID_NOBODY, }, 107 { "nobody", AID_NOBODY, },
106}; 108};
@@ -135,7 +137,7 @@ static struct fs_path_config android_dirs[] = {
135 { 00750, AID_ROOT, AID_SHELL, "sbin" }, 137 { 00750, AID_ROOT, AID_SHELL, "sbin" },
136 { 00755, AID_ROOT, AID_SHELL, "system/bin" }, 138 { 00755, AID_ROOT, AID_SHELL, "system/bin" },
137 { 00755, AID_ROOT, AID_SHELL, "system/xbin" }, 139 { 00755, AID_ROOT, AID_SHELL, "system/xbin" },
138 { 00777, AID_ROOT, AID_ROOT, "system/etc/ppp" }, /* REMOVE */ 140 { 00755, AID_ROOT, AID_ROOT, "system/etc/ppp" },
139 { 00777, AID_ROOT, AID_ROOT, "sdcard" }, 141 { 00777, AID_ROOT, AID_ROOT, "sdcard" },
140 { 00755, AID_ROOT, AID_ROOT, 0 }, 142 { 00755, AID_ROOT, AID_ROOT, 0 },
141}; 143};
@@ -147,20 +149,18 @@ static struct fs_path_config android_dirs[] = {
147** and will allow partial matches. 149** and will allow partial matches.
148*/ 150*/
149static struct fs_path_config android_files[] = { 151static struct fs_path_config android_files[] = {
150 { 00555, AID_ROOT, AID_ROOT, "system/etc/ppp/ip-up" },
151 { 00555, AID_ROOT, AID_ROOT, "system/etc/ppp/ip-down" },
152 { 00440, AID_ROOT, AID_SHELL, "system/etc/init.goldfish.rc" }, 152 { 00440, AID_ROOT, AID_SHELL, "system/etc/init.goldfish.rc" },
153 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.goldfish.sh" }, 153 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.goldfish.sh" },
154 { 00440, AID_ROOT, AID_SHELL, "system/etc/init.trout.rc" }, 154 { 00440, AID_ROOT, AID_SHELL, "system/etc/init.trout.rc" },
155 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.ril" }, 155 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.ril" },
156 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.testmenu" }, 156 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.testmenu" },
157 { 00550, AID_ROOT, AID_SHELL, "system/etc/init.gprs-pppd" },
158 { 00550, AID_DHCP, AID_SHELL, "system/etc/dhcpcd/dhcpcd-run-hooks" }, 157 { 00550, AID_DHCP, AID_SHELL, "system/etc/dhcpcd/dhcpcd-run-hooks" },
159 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/dbus.conf" }, 158 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/dbus.conf" },
160 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/hcid.conf" }, 159 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/hcid.conf" },
161 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/input.conf" }, 160 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/input.conf" },
162 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/audio.conf" }, 161 { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/audio.conf" },
163 { 00440, AID_RADIO, AID_AUDIO, "/system/etc/AudioPara4.csv" }, 162 { 00440, AID_RADIO, AID_AUDIO, "system/etc/AudioPara4.csv" },
163 { 00555, AID_ROOT, AID_ROOT, "system/etc/ppp/*" },
164 { 00644, AID_SYSTEM, AID_SYSTEM, "data/app/*" }, 164 { 00644, AID_SYSTEM, AID_SYSTEM, "data/app/*" },
165 { 00644, AID_SYSTEM, AID_SYSTEM, "data/app-private/*" }, 165 { 00644, AID_SYSTEM, AID_SYSTEM, "data/app-private/*" },
166 { 00644, AID_APP, AID_APP, "data/data/*" }, 166 { 00644, AID_APP, AID_APP, "data/data/*" },
diff --git a/init/devices.c b/init/devices.c
index 49335a55e..ac72b345d 100644
--- a/init/devices.c
+++ b/init/devices.c
@@ -132,7 +132,8 @@ static struct perms_ devperms[] = {
132 { "/dev/qmi0", 0640, AID_RADIO, AID_RADIO, 0 }, 132 { "/dev/qmi0", 0640, AID_RADIO, AID_RADIO, 0 },
133 { "/dev/qmi1", 0640, AID_RADIO, AID_RADIO, 0 }, 133 { "/dev/qmi1", 0640, AID_RADIO, AID_RADIO, 0 },
134 { "/dev/qmi2", 0640, AID_RADIO, AID_RADIO, 0 }, 134 { "/dev/qmi2", 0640, AID_RADIO, AID_RADIO, 0 },
135 { "/dev/tun", 0640, AID_VPN , AID_VPN, 0 }, 135 { "/dev/ppp", 0660, AID_RADIO, AID_VPN, 0 },
136 { "/dev/tun", 0640, AID_VPN, AID_VPN, 0 },
136 { NULL, 0, 0, 0, 0 }, 137 { NULL, 0, 0, 0, 0 },
137}; 138};
138 139
diff --git a/init/property_service.c b/init/property_service.c
index 48ca3ea33..23a8821d0 100644
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -67,6 +67,8 @@ struct {
67 { "wlan.", AID_SYSTEM }, 67 { "wlan.", AID_SYSTEM },
68 { "dhcp.", AID_SYSTEM }, 68 { "dhcp.", AID_SYSTEM },
69 { "dhcp.", AID_DHCP }, 69 { "dhcp.", AID_DHCP },
70 { "vpn.", AID_SYSTEM },
71 { "vpn.", AID_VPN },
70 { "debug.", AID_SHELL }, 72 { "debug.", AID_SHELL },
71 { "log.", AID_SHELL }, 73 { "log.", AID_SHELL },
72 { "service.adb.root", AID_SHELL }, 74 { "service.adb.root", AID_SHELL },