openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

logd: Move the capabilities from file based to ambient 

This change moves logd's capabilities from being file based to being set
by init through ambient capabilities.

Bug: 62845925
Test: sailfish:/ # grep Cap /proc/`pidof logd`/status
      CapInh: 0000000000000000
      CapPrm: 0000000440000000
      CapEff: 0000000440000000
      CapBnd: 0000000440000040
      CapAmb: 0000000000000000
      $ capsh --decode=0x440000040
      0x440000040=cap_setgid,cap_audit_control,cap_syslog
Test: liblog-unit-tests, logd-unit-tests, logcat-unit-tests
Change-Id: I28c7c4ad37ad5eafd399aef78c303ce31298a9ef
This commit is contained in:
Luis Hector Chavez 2018-06-08 15:00:40 -07:00
parent 5911204326
commit d32c36c961
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libcutils/fs_config.cpp
View File

@ -154,6 +154,7 @@ static const struct fs_path_config android_files[] = {
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/crash_dump64" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/debuggerd" },
{ 00750, AID_ROOT, AID_ROOT, 0, "system/bin/install-recovery.sh" },
{ 00550, AID_LOGD, AID_LOGD, 0, "system/bin/logd" },
{ 00700, AID_ROOT, AID_ROOT, 0, "system/bin/secilc" },
{ 00750, AID_ROOT, AID_ROOT, 0, "system/bin/uncrypt" },
{ 00600, AID_ROOT, AID_ROOT, 0, "system/build.prop" },
@ -179,10 +180,6 @@ static const struct fs_path_config android_files[] = {
// in user builds.
{ 00700, AID_SYSTEM, AID_SHELL, CAP_MASK_LONG(CAP_BLOCK_SUSPEND),
"system/bin/inputflinger" },
{ 00550, AID_LOGD, AID_LOGD, CAP_MASK_LONG(CAP_SYSLOG) |
CAP_MASK_LONG(CAP_AUDIT_CONTROL) |
CAP_MASK_LONG(CAP_SETGID),
"system/bin/logd" },
{ 00550, AID_SYSTEM, AID_LOG, CAP_MASK_LONG(CAP_SYSLOG),
"system/bin/bootstat" },
{ 00750, AID_ROOT, AID_SHELL, CAP_MASK_LONG(CAP_SETUID) |

1
logd/logd.rc
View File

@ -6,6 +6,7 @@ service logd /system/bin/logd
file /dev/kmsg w
user logd
group logd system package_info readproc
capabilities SYSLOG AUDIT_CONTROL SETGID
writepid /dev/cpuset/system-background/tasks
service logd-reinit /system/bin/logd --reinit