| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
|
| |
|
|
|
|
|
|
|
|
| |
This is a set of changes to the init property service
implementation to apply a SELinux check over who can
change what properties. Also included control hooks
for the 'ctl' keys.
Change-Id: I5a18809bf5536f6459a36b6bf0d622b9f5061aa0
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
To support runtime policy management, add support for reloading
policy from /data/system. This can be triggered by setting the
selinux.loadpolicy property to 1, whether from init.rc after
mounting /data or from the system_server (e.g. upon invocation of
a new device admin API for provisioning policy). ueventd and
installd are restarted upon policy reloads to pick up the new
policy configurations relevant to their operation.
Change-Id: I97479aecef8cec23b32f60e09cc778cc5520b691
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add SE Android support for init and ueventd.
init:
- Load policy at boot.
- Set the security context for service daemons and their sockets.
- New built-in commands: setcon, setenforce, restorecon, setsebool.
- New option for services: seclabel.
ueventd:
- Set the security context for device directories and nodes.
Change-Id: I98ed752cde503c94d99dfa5b5a47e3c33db16aac
|
| |
|
|
|
|
|
|
|
|
| |
The class_reset command used to reset services that had been set to
"disabled" in the init.rc file to a non-disabled state. Now, if the
service was originally set to "disabled", have the reset command set
it back to disabled. Otherwise, set it to the "reset" state as it
currently does.
Change-Id: I0c10582e46a8e443d4748d9d893ae762b19b653a
|
| |
|
|
|
| |
Change-Id: I357ceee813700297d8343159f22a07659e768d41
Signed-off-by: Dima Zavin <dima@android.com>
|
| |
|
|
|
|
|
|
|
| |
These are the changes to init and init.rc necessary to
support booting with and encrypted /data filesystem.
A corresponding change to init.<device>.rc goes along
with this change.
Change-Id: I0c7e2cc39568358014a82e317735c0eae14dd683
|
| |
|
|
| |
This reverts commit 50b3afd9f39619f69dc6f4efc29be88933eb3614.
|
| |
|
|
|
|
|
| |
This keyword will cause init to wait a few seconds before exec'ing
the target binary. Maybe only useful for hacks and debugging.
Change-Id: I85caa0bcbc0be7e48bd21eb9e31e039c0740c8d5
|
| |
|
|
| |
Change-Id: I451ebc4ff12f2ac660eb533fa10ad561fa25c9dd
|
| |
|
|
| |
Change-Id: I298f575c590d0f28b7ad78747f3ebdbba56b7a27
|
| |
|
|
| |
Change-Id: I679059dae43143f3c8f16b68de5694539b699e50
|
| |
|
|
| |
Change-Id: I46a91849ce5297eb2597dd6134412f817564ec24
|
| |
|
|
| |
Change-Id: I3a24afa28a1cd279c749d6f384f687b8de56067e
|
| |
|
|
| |
Change-Id: I1df96964763f8baedbc1cea6875d3dfc5e48c065
|
| |
|
|
| |
Change-Id: I31db51eb8e8a33a0bd06b41206bc9f9147d16d41
|
| |
|
|
|
|
| |
We were hitting the old limit with mediaserver.
Change-Id: Ia8217a9f2a1076fa247d7f5ed5159e3c91244d78
|
| |
|
|
| |
Signed-off-by: San Mehat <san@google.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
To add arguments dynamically to a service, start the service like so:
setprop ctl.start service_to_run:arg1 arg2 arg3...
To start a service with *no* dynamic arguments, start the service normally:
setprop ctl.start service_to_run
Dynamic arguments are only supported on 'oneshot' services
Signed-off-by: San Mehat <san@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The 'args' array *must* be the last entry in the structure.
This fixes a longstanding issue (apparently since tc3) where
a service with an argument would corrupt the heap. The more
arguments, the more corruption :|. This will probably also end up
making key-code bound services more reliable (ie: bugreports triggered
via the keyboard)
Signed-off-by: San Mehat <san@google.com>
|
| |
|
|
|
|
| |
Also, flag log_write() as a printf-like beast to gcc.
Signed-off-by: Dima Zavin <dima@android.com>
|
| | |
|
| | |
|
| | |
|
| |
|
