From 47111aee401300f36b856a8fedca57277172aee3 Mon Sep 17 00:00:00 2001 From: Tom Cherry Date: Wed, 20 Jun 2018 10:21:37 -0700 Subject: [PATCH] init: document what host init verifier checks Bug: 36970783 Test: n/a Change-Id: Ic42a55d7b5bb4fec364ac3b5d9a67bcd38cbcc8d --- init/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/init/README.md b/init/README.md index 550ef0582..b0a73b946 100644 --- a/init/README.md +++ b/init/README.md @@ -752,3 +752,22 @@ Below is an example of doing the same but with strace kill -SIGCONT 4343 > strace runs + +Host Init Script Verification +----------------------------- + +Init scripts are checked for correctness during build time. Specifically the below is checked. + +1) Well formatted action, service and import sections, e.g. no actions without a preceding 'on' +line, and no extraneous lines after an 'import' statement. +2) All commands map to a valid keyword and the argument count is within the correct range. +3) All service options are valid. This is stricter than how commands are checked as the service +options' arguments are fully parsed, e.g. UIDs and GIDs must resolve. + +There are other parts of init scripts that are only parsed at runtime and therefore not checked +during build time, among them are the below. + +1) The validity of the arguments of commands, e.g. no checking if file paths actually exist, if +SELinux would permit the operation, or if the UIDs and GIDs resolve. +2) No checking if a service exists or has a valid SELinux domain defined +3) No checking if a service has not been previously defined in a different init script.