diff options
-rw-r--r-- | rootdir/init.camera.rc | 7 | ||||
-rwxr-xr-x | rootdir/system/bin/credmgrfirstboot.sh | 7 |
2 files changed, 9 insertions, 5 deletions
diff --git a/rootdir/init.camera.rc b/rootdir/init.camera.rc index 3f534fa..a54450a 100644 --- a/rootdir/init.camera.rc +++ b/rootdir/init.camera.rc @@ -95,8 +95,8 @@ service taimport /system/bin/taimport # This script init /cache/CredentialManagerData if /data/credmgr doesn't meet our requirements service initcredmgr /system/bin/credmgrfirstboot.sh class late_start - user system - group cameraserver + user root + group root oneshot # When credmgrfirstboot is ready it set sys.credmgrdready=true. @@ -108,8 +108,7 @@ start credmgrd service credmgrd /system/bin/credmgrd user system group system camera media -# TODO: 666 is not good for credmgrd socket - socket credmgr stream 0666 system camera + socket credmgr stream 0660 system camera disabled # Secure Config Transfer service diff --git a/rootdir/system/bin/credmgrfirstboot.sh b/rootdir/system/bin/credmgrfirstboot.sh index 33062df..36e0c08 100755 --- a/rootdir/system/bin/credmgrfirstboot.sh +++ b/rootdir/system/bin/credmgrfirstboot.sh @@ -29,18 +29,23 @@ if [ "x$CREDMGRCNT" == "x0" ]; then echo "CREDINIT: Dont match" if [ -d "$CREDFOLDER" ]; then echo "CREDINIT: Drop old credmgrdata" - mv -vf $CREDFOLDER ${CREDFOLDER}.old + mv -vf $CREDFOLDER ${CREDFOLDER}.$(date +"%Y-%m-%d") >> $LOG 2>&1 fi # Put binary into /cache mkdir $CREDFOLDER >> $LOG 2>&1 F_ERR $? "mkdir $CREDFOLDER" + # Set perms on folder chown system:system $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chown $CREDFOLDER" + chmod 770 $CREDFOLDER >> $LOG 2>&1 + F_ERR $? "chmod 770" chcon u:object_r:credmgrd_data_file:s0 $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chcon $CREDFOLDER" echo "CREDINIT: cp initial file" >> $LOG 2>&1 cp -v /system/vendor/CredentialManagerData /cache/CredentialManagerData >> $LOG 2>&1 F_ERR $? "copy CredentialManagerData" + chown system:system /cache/CredentialManagerData >> $LOG 2>&1 + F_ERR $? "chown CredentialManagerData" else F_ERR 0 "credmgr found already. no preparation required." fi |