diff options
author | Jeff Vander Stoep <jeffv@google.com> | 2015-07-23 15:18:36 -0700 |
---|---|---|
committer | Jeffrey Vander Stoep <jeffv@google.com> | 2015-07-24 16:22:06 +0000 |
commit | 3f62a020c48d5d812fb2898759b93a59dc24d310 (patch) | |
tree | a52bd09a7293327b96d67c07dffca5e70621cd43 | |
parent | ed2fe57c2509d0d784ba7dbce1deef21afb2a612 (diff) | |
download | system_core-3f62a020c48d5d812fb2898759b93a59dc24d310.zip system_core-3f62a020c48d5d812fb2898759b93a59dc24d310.tar.gz system_core-3f62a020c48d5d812fb2898759b93a59dc24d310.tar.bz2 |
logd: allow logd to write to /dev/cpuset files
Required by logd on devices with USE_CPUSETS defined.
Make /dev/cpuset/background, /dev/cpuset/foreground and
/dev/cpuset/task writeable by system gid. Add logd to system
group for writing to cpuset files and to root group to avoid
regressions. When dropping privs, also drop supplementary groups.
Bug: 22699101
Change-Id: Icc01769b18b5e1f1649623da8325a8bfabc3a3f0
-rw-r--r-- | logd/main.cpp | 4 | ||||
-rw-r--r-- | rootdir/init.rc | 7 |
2 files changed, 8 insertions, 3 deletions
diff --git a/logd/main.cpp b/logd/main.cpp index 9b88983..a3241d0 100644 --- a/logd/main.cpp +++ b/logd/main.cpp @@ -103,6 +103,10 @@ static int drop_privs() { return -1; } + if (setgroups(0, NULL) == -1) { + return -1; + } + if (setgid(AID_LOGD) != 0) { return -1; } diff --git a/rootdir/init.rc b/rootdir/init.rc index 7af2b77..2ac182b 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -145,9 +145,9 @@ on init chown system system /dev/cpuset/tasks chown system system /dev/cpuset/foreground/tasks chown system system /dev/cpuset/background/tasks - chmod 0644 /dev/cpuset/foreground/tasks - chmod 0644 /dev/cpuset/background/tasks - chmod 0644 /dev/cpuset/tasks + chmod 0664 /dev/cpuset/foreground/tasks + chmod 0664 /dev/cpuset/background/tasks + chmod 0664 /dev/cpuset/tasks # qtaguid will limit access to specific data based on group memberships. @@ -523,6 +523,7 @@ service logd /system/bin/logd socket logd stream 0666 logd logd socket logdr seqpacket 0666 logd logd socket logdw dgram 0222 logd logd + group root system service logd-reinit /system/bin/logd --reinit oneshot |