init: document what host init verifier checks

Bug: 36970783 Test: n/a Change-Id: Ic42a55d7b5bb4fec364ac3b5d9a67bcd38cbcc8d
author: Tom Cherry 2018-06-20 12:21:37 -0500
committer: Tom Cherry 2018-06-20 12:21:37 -0500
commit: 47111aee401300f36b856a8fedca57277172aee3 (patch)
tree: fc6c78b1dc25d997f9bfad2b9b46c6ba3a66cfe6 /init
parent: 28a3160c077446719fe9c95e0a0730689e8e44ad (diff)
download: platform-system-core-47111aee401300f36b856a8fedca57277172aee3.tar.gz
platform-system-core-47111aee401300f36b856a8fedca57277172aee3.tar.xz
platform-system-core-47111aee401300f36b856a8fedca57277172aee3.zip
1 files changed, 19 insertions, 0 deletions
diff --git a/init/README.md b/init/README.md
index 550ef0582..b0a73b946 100644
--- a/init/README.md
+++ b/init/README.md
@@ -752,3 +752,22 @@ Below is an example of doing the same but with strace
    kill -SIGCONT 4343
    > strace runs
+Host Init Script Verification
+-----------------------------
+Init scripts are checked for correctness during build time. Specifically the below is checked.
+1) Well formatted action, service and import sections, e.g. no actions without a preceding 'on'
+line, and no extraneous lines after an 'import' statement.
+2) All commands map to a valid keyword and the argument count is within the correct range.
+3) All service options are valid. This is stricter than how commands are checked as the service
+options' arguments are fully parsed, e.g. UIDs and GIDs must resolve.
+There are other parts of init scripts that are only parsed at runtime and therefore not checked
+during build time, among them are the below.
+1) The validity of the arguments of commands, e.g. no checking if file paths actually exist, if
+SELinux would permit the operation, or if the UIDs and GIDs resolve.
+2) No checking if a service exists or has a valid SELinux domain defined
+3) No checking if a service has not been previously defined in a different init script.
author	Tom Cherry	2018-06-20 12:21:37 -0500
committer	Tom Cherry	2018-06-20 12:21:37 -0500
commit	47111aee401300f36b856a8fedca57277172aee3 (patch)
tree	fc6c78b1dc25d997f9bfad2b9b46c6ba3a66cfe6 /init
parent	28a3160c077446719fe9c95e0a0730689e8e44ad (diff)
download	platform-system-core-47111aee401300f36b856a8fedca57277172aee3.tar.gz platform-system-core-47111aee401300f36b856a8fedca57277172aee3.tar.xz platform-system-core-47111aee401300f36b856a8fedca57277172aee3.zip

diff --git a/init/README.md b/init/README.md index 550ef0582..b0a73b946 100644 --- a/init/README.md +++ b/init/README.md
@@ -752,3 +752,22 @@ Below is an example of doing the same but with strace
752	kill -SIGCONT 4343	752	kill -SIGCONT 4343
753		753
754	> strace runs	754	> strace runs
		755
		756	Host Init Script Verification
		757	-----------------------------
		758
		759	Init scripts are checked for correctness during build time. Specifically the below is checked.
		760
		761	1) Well formatted action, service and import sections, e.g. no actions without a preceding 'on'
		762	line, and no extraneous lines after an 'import' statement.
		763	2) All commands map to a valid keyword and the argument count is within the correct range.
		764	3) All service options are valid. This is stricter than how commands are checked as the service
		765	options' arguments are fully parsed, e.g. UIDs and GIDs must resolve.
		766
		767	There are other parts of init scripts that are only parsed at runtime and therefore not checked
		768	during build time, among them are the below.
		769
		770	1) The validity of the arguments of commands, e.g. no checking if file paths actually exist, if
		771	SELinux would permit the operation, or if the UIDs and GIDs resolve.
		772	2) No checking if a service exists or has a valid SELinux domain defined
		773	3) No checking if a service has not been previously defined in a different init script.