From 0fbdefc48c77d3b4a9ba0a1937362933b0343f8c Mon Sep 17 00:00:00 2001 From: nailyk-fr Date: Mon, 23 Oct 2017 20:58:15 +0200 Subject: Shinano-common: init: Rework credmgr init script * Next to the AIDs remove credmgrd init script need some reworks. Root perm at startup is needed for chmod/chown. Change-Id: I9373820c8d0d2fc68e25d671ffbf638fead75316 --- rootdir/init.camera.rc | 7 +++---- rootdir/system/bin/credmgrfirstboot.sh | 7 ++++++- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'rootdir') diff --git a/rootdir/init.camera.rc b/rootdir/init.camera.rc index 3f534fa..a54450a 100644 --- a/rootdir/init.camera.rc +++ b/rootdir/init.camera.rc @@ -95,8 +95,8 @@ service taimport /system/bin/taimport # This script init /cache/CredentialManagerData if /data/credmgr doesn't meet our requirements service initcredmgr /system/bin/credmgrfirstboot.sh class late_start - user system - group cameraserver + user root + group root oneshot # When credmgrfirstboot is ready it set sys.credmgrdready=true. @@ -108,8 +108,7 @@ start credmgrd service credmgrd /system/bin/credmgrd user system group system camera media -# TODO: 666 is not good for credmgrd socket - socket credmgr stream 0666 system camera + socket credmgr stream 0660 system camera disabled # Secure Config Transfer service diff --git a/rootdir/system/bin/credmgrfirstboot.sh b/rootdir/system/bin/credmgrfirstboot.sh index 33062df..36e0c08 100755 --- a/rootdir/system/bin/credmgrfirstboot.sh +++ b/rootdir/system/bin/credmgrfirstboot.sh @@ -29,18 +29,23 @@ if [ "x$CREDMGRCNT" == "x0" ]; then echo "CREDINIT: Dont match" if [ -d "$CREDFOLDER" ]; then echo "CREDINIT: Drop old credmgrdata" - mv -vf $CREDFOLDER ${CREDFOLDER}.old + mv -vf $CREDFOLDER ${CREDFOLDER}.$(date +"%Y-%m-%d") >> $LOG 2>&1 fi # Put binary into /cache mkdir $CREDFOLDER >> $LOG 2>&1 F_ERR $? "mkdir $CREDFOLDER" + # Set perms on folder chown system:system $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chown $CREDFOLDER" + chmod 770 $CREDFOLDER >> $LOG 2>&1 + F_ERR $? "chmod 770" chcon u:object_r:credmgrd_data_file:s0 $CREDFOLDER >> $LOG 2>&1 F_ERR $? "chcon $CREDFOLDER" echo "CREDINIT: cp initial file" >> $LOG 2>&1 cp -v /system/vendor/CredentialManagerData /cache/CredentialManagerData >> $LOG 2>&1 F_ERR $? "copy CredentialManagerData" + chown system:system /cache/CredentialManagerData >> $LOG 2>&1 + F_ERR $? "chown CredentialManagerData" else F_ERR 0 "credmgr found already. no preparation required." fi -- cgit v1.2.3