diff options
| author | nailyk-fr <jenkins@nailyk.fr> | 2017-10-23 20:58:15 +0200 |
|---|---|---|
| committer | Arian <arian.kulmer@web.de> | 2019-10-07 11:07:18 +0200 |
| commit | 0fbdefc48c77d3b4a9ba0a1937362933b0343f8c (patch) | |
| tree | f3b01b8256044b356de34749bdda83b75546a520 | |
| parent | 5b555b410b729908841f6afa928d4d1b164afcaf (diff) | |
Shinano-common: init: Rework credmgr init script
* Next to the AIDs remove credmgrd init script need some reworks.
Root perm at startup is needed for chmod/chown.
Change-Id: I9373820c8d0d2fc68e25d671ffbf638fead75316
| -rw-r--r-- | rootdir/init.camera.rc | 7 | ||||
| -rwxr-xr-x | rootdir/system/bin/credmgrfirstboot.sh | 7 |
2 files changed, 9 insertions, 5 deletions
diff --git a/rootdir/init.camera.rc b/rootdir/init.camera.rc index 3f534fa..a54450a 100644 --- a/rootdir/init.camera.rc +++ b/rootdir/init.camera.rc @@ -95,8 +95,8 @@ service taimport /system/bin/taimport # This script init /cache/CredentialManagerData if /data/credmgr doesn't meet our requirements service initcredmgr /system/bin/credmgrfirstboot.sh class late_start - user system - group cameraserver + user root + group root oneshot # When credmgrfirstboot is ready it set sys.credmgrdready=true. @@ -108,8 +108,7 @@ start credmgrd service credmgrd /system/bin/credmgrd user system group system camera media -# TODO: 666 is not good for credmgrd socket - socket credmgr stream 0666 system camera + socket credmgr stream 0660 system camera disabled # Secure Config Transfer service diff --git a/rootdir/system/bin/credmgrfirstboot.sh b/rootdir/system/bin/credmgrfirstboot.sh index 33062df..36e0c08 100755 --- a/rootdir/system/bin/credmgrfirstboot.sh +++ b/rootdir/system/bin/credmgrfirstboot.sh @@ -29,18 +29,23 @@ if [ "x$CREDMGRCNT" == "x0" ]; then echo "CREDINIT: Dont match" if [ -d "$CREDFOLDER" ]; then echo "CREDINIT: Drop old credmgrdata" - mv -vf $CREDFOLDER ${CREDFOLDER}.old + mv -vf $CREDFOLDER ${CREDFOLDER}.$(date +"%Y-%m-%d") >> $LOG 2>&1 fi # Put binary into /cache mkdir $CREDFOLDER >> $LOG 2>&1 F_ERR $? "mkdir $CREDFOLDER" + # Set perms on folder chown system:system $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chown $CREDFOLDER" + chmod 770 $CREDFOLDER >> $LOG 2>&1 + F_ERR $? "chmod 770" chcon u:object_r:credmgrd_data_file:s0 $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chcon $CREDFOLDER" echo "CREDINIT: cp initial file" >> $LOG 2>&1 cp -v /system/vendor/CredentialManagerData /cache/CredentialManagerData >> $LOG 2>&1 F_ERR $? "copy CredentialManagerData" + chown system:system /cache/CredentialManagerData >> $LOG 2>&1 + F_ERR $? "chown CredentialManagerData" else F_ERR 0 "credmgr found already. no preparation required." fi |