summaryrefslogtreecommitdiffstats
path: root/rootdir
diff options
context:
space:
mode:
authorChia-chi Yeh <chiachi@android.com>2011-07-08 20:03:03 -0700
committerChia-chi Yeh <chiachi@android.com>2011-07-08 20:03:03 -0700
commit9bb4d411e01c8e6330b5c27c489485592360576b (patch)
tree581d352b86ca6501c537ead769a3d17b4c230903 /rootdir
parentea7441415997faf34f7ae44f462f916f5f7ea0df (diff)
downloadsystem_core-9bb4d411e01c8e6330b5c27c489485592360576b.zip
system_core-9bb4d411e01c8e6330b5c27c489485592360576b.tar.gz
system_core-9bb4d411e01c8e6330b5c27c489485592360576b.tar.bz2
init: update permissions for VPN.
VPN no longer uses system properties to keep network parameters. Besides, profiles are now stored and encrypted by keystore. Change-Id: I7575f04f350b7d8d5ba7008eb874a72180d057e8
Diffstat (limited to 'rootdir')
-rw-r--r--rootdir/init.rc7
1 files changed, 3 insertions, 4 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 2cc81c6..3055bbb 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -144,9 +144,8 @@ on post-fs-data
mkdir /data/misc/bluetooth 0770 system system
mkdir /data/misc/keystore 0700 keystore keystore
mkdir /data/misc/keychain 0771 system system
- mkdir /data/misc/vpn 0770 system system
+ mkdir /data/misc/vpn 0770 system vpn
mkdir /data/misc/systemkeys 0700 system system
- mkdir /data/misc/vpn/profiles 0770 system system
# give system access to wpa_supplicant.conf for backup and restore
mkdir /data/misc/wifi 0770 wifi wifi
chmod 0660 /data/misc/wifi/wpa_supplicant.conf
@@ -461,8 +460,8 @@ service flash_recovery /system/etc/install-recovery.sh
service racoon /system/bin/racoon
class main
socket racoon stream 600 system system
- # racoon will setuid to vpn after getting necessary resources.
- group net_admin
+ # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
+ group vpn net_admin
disabled
oneshot