From 0fbdefc48c77d3b4a9ba0a1937362933b0343f8c Mon Sep 17 00:00:00 2001
From: nailyk-fr <jenkins@nailyk.fr>
Date: Mon, 23 Oct 2017 20:58:15 +0200
Subject: Shinano-common: init: Rework credmgr init script

 * Next to the AIDs remove credmgrd init script need some reworks.
   Root perm at startup is needed for chmod/chown.

Change-Id: I9373820c8d0d2fc68e25d671ffbf638fead75316
---
 rootdir/init.camera.rc                 | 7 +++----
 rootdir/system/bin/credmgrfirstboot.sh | 7 ++++++-
 2 files changed, 9 insertions(+), 5 deletions(-)

(limited to 'rootdir')

diff --git a/rootdir/init.camera.rc b/rootdir/init.camera.rc
index 3f534fa..a54450a 100644
--- a/rootdir/init.camera.rc
+++ b/rootdir/init.camera.rc
@@ -95,8 +95,8 @@ service taimport /system/bin/taimport
 # This script init /cache/CredentialManagerData if /data/credmgr doesn't meet our requirements
 service initcredmgr /system/bin/credmgrfirstboot.sh
     class late_start
-    user system
-    group cameraserver
+    user root
+    group root
     oneshot
 
 # When credmgrfirstboot is ready it set sys.credmgrdready=true.
@@ -108,8 +108,7 @@ start credmgrd
 service credmgrd /system/bin/credmgrd
     user system
     group system camera media
-# TODO: 666 is not good for credmgrd socket
-    socket credmgr stream 0666 system camera
+    socket credmgr stream 0660 system camera
     disabled
 
 # Secure Config Transfer service
diff --git a/rootdir/system/bin/credmgrfirstboot.sh b/rootdir/system/bin/credmgrfirstboot.sh
index 33062df..36e0c08 100755
--- a/rootdir/system/bin/credmgrfirstboot.sh
+++ b/rootdir/system/bin/credmgrfirstboot.sh
@@ -29,18 +29,23 @@ if [ "x$CREDMGRCNT" == "x0" ]; then
 	echo "CREDINIT: Dont match"
 	if [ -d "$CREDFOLDER" ]; then
 		echo "CREDINIT: Drop old credmgrdata"
-		mv -vf $CREDFOLDER ${CREDFOLDER}.old
+		mv -vf $CREDFOLDER ${CREDFOLDER}.$(date +"%Y-%m-%d")  >> $LOG 2>&1
 	fi
 	# Put binary into /cache
 	mkdir $CREDFOLDER >> $LOG 2>&1
 	F_ERR $? "mkdir $CREDFOLDER"
+	# Set perms on folder
 	chown system:system $CREDFOLDER >> $LOG 2>&1
 	F_ERR $? "chown $CREDFOLDER"
+	chmod 770 $CREDFOLDER >> $LOG 2>&1
+	F_ERR $? "chmod 770"
 	chcon u:object_r:credmgrd_data_file:s0 $CREDFOLDER >> $LOG 2>&1
 	F_ERR $? "chcon $CREDFOLDER"
 	echo "CREDINIT: cp initial file" >> $LOG 2>&1
 	cp -v /system/vendor/CredentialManagerData /cache/CredentialManagerData >> $LOG 2>&1
 	F_ERR $? "copy CredentialManagerData"
+	chown system:system /cache/CredentialManagerData >> $LOG 2>&1
+	F_ERR $? "chown CredentialManagerData"
 else
 	F_ERR 0 "credmgr found already. no preparation required."
 fi
-- 
cgit v1.2.3