This is a dependency for the DNS proxy CLs.
This CL also adds a new socket for the netd process to inherit which
is owned by the inet group. (so only apps with the INTERNET
permission can use the DNS proxy...)
Change-Id: I8a51924e0ed56c6066f77e6f1b02d39bdadac51e
This fixes the goldfish-specific config scripts used by init and ueventd
to properly setup the system under emulation. This fixes a lot of broken-ess
introduced by recent permission changes in the system.
Note that there are still several problems after this patch is applied, but
at least it becomes possible to get an adb connection to the emulated system,
Change-Id: I1e8f5828b4d5cbb3a4338878df875dc718276b38
These are the changes to init and init.rc necessary to
support booting with and encrypted /data filesystem.
A corresponding change to init.<device>.rc goes along
with this change.
Change-Id: I0c7e2cc39568358014a82e317735c0eae14dd683
Ensure that we drop privileges for servicemanager
and drmioserver. These should not be running with
gid=0.
Bug: 3275526
Testing: Applied change and successfully rebooted
the device. No obvious bugs.
Change-Id: I782fbda812cb88e0a365788b45b3b32894623177
This was an inefficient way of doing things and was
temporary. There are now direct calls to Bluez to add reserved
SDP records.
This improves connection time after turning on BT by 6-8 secs.
Change-Id: I8750f44e1de73c9cc935d68710b8964e3f50c3a6
This is a dependency for the DNS proxy CLs.
This CL also adds a new socket for the netd process to inherit which
is owned by the inet group. (so only apps with the INTERNET
permission can use the DNS proxy...)
Change-Id: Ic3475c697913ba85805b4e49801b65e7a1d59289
Merge commit '33357f5477a24cb16bd3dd692fe5ca14755ab033'
* commit '33357f5477a24cb16bd3dd692fe5ca14755ab033':
Make netd restart when system server hangs on it.
Merge commit '6490257d116c35d3da927ee7b91179dde64ef713' into gingerbread-plus-aosp
* commit '6490257d116c35d3da927ee7b91179dde64ef713':
Make netd restart when system server hangs on it.
netd has been seen hanging (cause suspected but unconfirmed)
which then brings down the system server which blocks forever
on its main thread trying to connect to netd with its hung
event loop.
This then results in an infinite watchdog runtime restart loop
because the situation never improves: netd is still borked.
Instead, we should kill netd and give it another chance when
the system server dies.
Bug: 3018996
Bug: 3017876
Change-Id: Ibf9ecf0ffcb78e48c38e5167f21cbeefe0e2a47f
- look in /vendor/firmware/... in addition to /system/etc/firmware/... for firmware loading
- add /vendor/bin to path before /system/bin
- add /vendor/lib to ldpath before /system/lib
- configure appropriate permissions for /system/vendor/bin
- symlink /vendor -> /system/vendor
Change-Id: I0c06ca1e38a44f0c7024cee6cea8907aa93a4532
Merge commit '8df3a4a554184afba71887995c5f0983ce81196f'
* commit '8df3a4a554184afba71887995c5f0983ce81196f':
remount / as read-only only on post-fs to allow per-target config of /
Merge commit '4012c0a46ab2ebdf6a1298bc4e85ed3368d1b8a4' into gingerbread-plus-aosp
* commit '4012c0a46ab2ebdf6a1298bc4e85ed3368d1b8a4':
remount / as read-only only on post-fs to allow per-target config of /
Merge commit 'f2af88e81af5efb2d585963507f798d5a8b93d67' into gingerbread-plus-aosp
* commit 'f2af88e81af5efb2d585963507f798d5a8b93d67':
Tracking merge of dalvik-dev to gingerbread
This introduces some new buckets that will be used by the activity
manager, and adjusts the default levels to match what we had been
setting for Droid.
It turns out Passion has been using the old levels, which makes no
sense for how much memory it has. Also it is a problem with these
definitions spreading to other projects for different devices, so
I am going to update the defaults to be appropriate for our newer
devices, and put here a file to tune them down for something like
the sapphire.
Change-Id: Ia4f33c4c3b94aeb3656f60b9222072a1d11e9e68
Merge commit 'b1fb3bd13a4da8bc46a44ec5eef6de9cb952f163' into kraken
* commit 'b1fb3bd13a4da8bc46a44ec5eef6de9cb952f163':
Make /proc/kmsg and /proc/sysrq-trigger system-process-readable
This is so that the system process can capture kernel thread stacks when the
watchdog detects a deadlock. Previously, /proc/kmsg was root/root and mode
0400, and /proc/sysrq-trigger was root/root and mode 0200. With this
change, /proc/kmsg becomes root/system and 0440, and /proc/sysrq-trigger
becomes root/system and 0220.
Change-Id: Iac46bd10bd11d495024afeb5d693107ce5074791
init now creates files in /dev/bus/usb/ for user access to USB devices.
Files are chmod 660 with group AID_USB.
Signed-off-by: Mike Lockwood <lockwood@android.com>
Devices with non-MTD storage need to override the filesystem mounting
commands in init.rc. Moving them to a new "fs" init level allows a
custom init.<device>.rc to handle the mounting.
Change-Id: If0e655139b9734650fb798b6eb0a90e2241fc29b
This reverts commit a7d88224ff.
This cgroup subsys should be mounted on it's own mount-point, since it's
addition to /dev/cpuctl causes the cpu subsys to EPERM
Temporarily creating emulated encrypted directories manually.
Will remove those lines once a true encrypted FS is mounted, and proper
framework chanfes have been made. This is required for the feature to
work with the other changes.
Merge commit 'eb67fac4723892ac8ae3fae87c05e776c49029c5' into eclair-mr2-plus-aosp
* commit 'eb67fac4723892ac8ae3fae87c05e776c49029c5':
change /cache/recovery group to cache
Merge commit '5a8cf57eb7aa70f1647b28315a2419c4a6d36828' into eclair-mr2-plus-aosp
* commit '5a8cf57eb7aa70f1647b28315a2419c4a6d36828':
Make the RIL daemon part of the audio group so it can load region-specific
Merge commit '1dec5032cfadc1a3d7687ce5b6cd322e4151ce9d' into eclair-plus-aosp
* commit '1dec5032cfadc1a3d7687ce5b6cd322e4151ce9d':
Force the mediaserver process to restart whenever the zygote or system
Merge commit 'ea935c1d9771fa2cc00583720586c209463f2791' into eclair-plus-aosp
* commit 'ea935c1d9771fa2cc00583720586c209463f2791':
Make vmallocinfo readable by group log so we can put it in bugreports
Merge commit 'a0c98ef01a4c5a859fdde35fed7977b1eb919007' into eclair-plus-aosp
* commit 'a0c98ef01a4c5a859fdde35fed7977b1eb919007':
Ensure -user builds can run the dex preopt pass in the emulator.
This is done by ensuring that /init.goldfish.rc and /system/etc/init.goldfish.sh
are part of the system image, even if it lacks other emulator related bits.
Merge commit 'bb6f68c63d79bf58bd53f463de1bd23d49e5b8a4' into eclair-plus-aosp
* commit 'bb6f68c63d79bf58bd53f463de1bd23d49e5b8a4':
init.rc: mount debugfs for debugging
Merge commit '25f1a5aaffd1ef6e87d53d4fd3c14ea1b6c5b940' into eclair-plus-aosp
* commit '25f1a5aaffd1ef6e87d53d4fd3c14ea1b6c5b940':
init.rc: Adjust permissions on /data/dontpanic/ so dumpstate will not need root
Merge commit '2f21659d4565afd65da1be07c28317a3cb4287a1' into eclair-plus-aosp
* commit '2f21659d4565afd65da1be07c28317a3cb4287a1':
Fix a bug that prevented the "generic" product builds from working in the emulator.
Merge commit '9332482ed2945174d94615f0720f88702cb92667' into eclair-plus-aosp
* commit '9332482ed2945174d94615f0720f88702cb92667':
init.rc: Make /data/dontpanic files readable only by the system process.
This also ensures that emulator-specific files /init.goldfish.rc and
/system/etc/init.goldfish.sh are never part of -user builds, which
correspond to production devices.
Merge commit 'e991decf340e24203ed63f87d9313598cd09a46c' into eclair-plus-aosp
* commit 'e991decf340e24203ed63f87d9313598cd09a46c':
init.rc: Add dumpstate service
init: Add support for enforcing setprop by caller's group.
adb: "adb bugreport" now runs dumpstate via init rather than execing it in the shell.
This fixes both a typo and the fact that sh seems not to have
test or [.
(see also sh/builtins.def: ##testcmd commented out)
The handling of these properties was broken, having the effect
that the Modem in ... internal/telephony/test/Simulated*.java
was never run, even if it would have been the users/developers
intention.
See also issue #1380http://code.google.com/p/android/issues/detail?id=1380
Signed-off-by: Simon.Braunschmidt@gmail.com>
Merge commit 'ee40fc4e64e1656a16603778bee895ea389ec7d5'
* commit 'ee40fc4e64e1656a16603778bee895ea389ec7d5':
rootdir: init.rc: Bump up background cpu shares to 5.0%
Merge commit '160d4b0509e4566930ef9af4f2b9d63b33aebee5'
* commit '160d4b0509e4566930ef9af4f2b9d63b33aebee5':
rootdir: Remove ip-up-vpn script, which is replaced by an executable.
The touch command does not exist, and the chown commands are unnecessary because
the system_server is in the WIFI group.
Signed-off-by: Mike Lockwood <lockwood@android.com>
Merge commit 'eefef3234ae1e3b0f2db71415f134c7ec49899fa'
* commit 'eefef3234ae1e3b0f2db71415f134c7ec49899fa':
Set the permissions of wifi supplicant file so that system can access it.
Merge commit '5c49135b032235f82560d5e55b0e4c547506516b'
* commit '5c49135b032235f82560d5e55b0e4c547506516b':
rootdir: Modify init.rc to run mtpd/racoon as a non-root user.
In CFS, the (somewhat undefined) behavior of sched_yield() changed.
See: http://kerneltrap.org/Linux/CFS_and_sched_yield
This change enables 'compat' mode for sched_yield()
Signed-off-by: San Mehat <san@google.com>
Merge commit 'bfa2f8e9b506a4b710ebcefa7c1e324609b8ca34'
* commit 'bfa2f8e9b506a4b710ebcefa7c1e324609b8ca34':
init: Bump up the max cpu bandwidth shares ratio for background.
Merge commit 'd709b582604e7f9d53b97f9ae13c5e12b2466c56'
* commit 'd709b582604e7f9d53b97f9ae13c5e12b2466c56':
remove 3G timeout values from init.rc, this should be device specific
Merge commit '0bd9a9f5bcaefda8d7d37c9383b004b516009b85'
* commit '0bd9a9f5bcaefda8d7d37c9383b004b516009b85':
Add the ipcp scripts for pppd and racoon configuration for ipsec-tools.
Merge commit '3d6f16e5edc9834b13a0bcc8a33c98e25518d919'
* commit '3d6f16e5edc9834b13a0bcc8a33c98e25518d919':
init.rc: Set default cpu shares for background scheduler group to < 1%
-- changed the default mode to 0770 for keystore with the new user 'keystore'.
-- add the keystore service providing the basic key lookup/install/remove, but
only keystore user can access the key content.
In this initial commit, apps undergoing backup are treated equivalently
to apps hosting services: more important than anything other than the
foreground app.
