diff options
| author | Luis Hector Chavez | 2018-07-30 15:06:46 -0500 |
|---|---|---|
| committer | Luis Hector Chavez | 2018-07-30 15:06:46 -0500 |
| commit | 0451fd65841f627e0173e5c64a9319d10d0918ac (patch) | |
| tree | d425f643a7ab8c4685bba2895e8143fb3bb83b65 | |
| parent | a8dcef20126ccc432f211b02b261c6742b3566fe (diff) | |
| download | platform-system-core-0451fd65841f627e0173e5c64a9319d10d0918ac.tar.gz platform-system-core-0451fd65841f627e0173e5c64a9319d10d0918ac.tar.xz platform-system-core-0451fd65841f627e0173e5c64a9319d10d0918ac.zip | |
Make /acct have 0555 permissions after mounting
This change adds a `chmod 0555 /acct` just after mounting the cgroup fs
on it. This makes it such that even on systems where the rootdir+system
partitions are shared, the permissions allow for the system user to open
files within /acct, which in turn makes libprocessgroup not complain
that it can never do anything with those files.
Bug: 111996377
Test: adb shell 'ls -ldZ /acct' # Before and after, on an aosp_sailfish
dr-xr-xr-x 48 root root u:object_r:cgroup:s0 0 1971-12-29 17:41 /acct
Change-Id: Iee6531126c6e81aa7794e44500555bd3c1cdf7b8
| -rw-r--r-- | rootdir/init.rc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index d3f038ea5..486d096ab 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc | |||
| @@ -26,6 +26,7 @@ on early-init | |||
| 26 | 26 | ||
| 27 | # Mount cgroup mount point for cpu accounting | 27 | # Mount cgroup mount point for cpu accounting |
| 28 | mount cgroup none /acct nodev noexec nosuid cpuacct | 28 | mount cgroup none /acct nodev noexec nosuid cpuacct |
| 29 | chmod 0555 /acct | ||
| 29 | mkdir /acct/uid | 30 | mkdir /acct/uid |
| 30 | 31 | ||
| 31 | # root memory control cgroup, used by lmkd | 32 | # root memory control cgroup, used by lmkd |