From 6ea3cc6089393286ab8b6cc459cfa9d7e58fc203 Mon Sep 17 00:00:00 2001
From: San Mehat <san@google.com>
Date: Fri, 19 Feb 2010 18:25:22 -0800
Subject: [PATCH] rootdir: init.rc: Create secure staging directories, and a
 compat symlink

Signed-off-by: San Mehat <san@google.com>
---
 rootdir/init.rc | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/rootdir/init.rc b/rootdir/init.rc
index 34302618a..b32927d84 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -12,7 +12,7 @@ loglevel 3
     export ANDROID_ROOT /system
     export ANDROID_ASSETS /system/app
     export ANDROID_DATA /data
-    export EXTERNAL_STORAGE /sdcard
+    export EXTERNAL_STORAGE /mnt/sdcard
     export BOOTCLASSPATH /system/framework/core.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar
 
 # Backward compatibility
@@ -20,15 +20,30 @@ loglevel 3
     symlink /sys/kernel/debug /d
 
 # create mountpoints
-    mkdir /sdcard 0000 system system
+    mkdir /mnt 0775 root system
+    mkdir /mnt/sdcard 0000 system system
+
+# Backwards Compat - XXX: Going away in G*
+    symlink /mnt/sdcard /sdcard
+
     mkdir /system
     mkdir /data 0771 system system
     mkdir /cache 0770 system cache
     mkdir /config 0500 root root
 
-# create Android Secure External Cache mount tree
-    mkdir /asec  0700 system system
-    mount tmpfs tmpfs /asec mode=0755
+    # Directory for putting things only root should see.
+    mkdir /mnt/secure 0700 root root
+
+    # Directory for staging bindmounts
+    mkdir /mnt/secure/staging 0700 root root
+
+    # Directory-target for where the secure container
+    # imagefile directory will be bind-mounted
+    mkdir /mnt/secure/asec  0700 root root
+
+    # Secure container public mount points.
+    mkdir /mnt/asec  0700 root system
+    mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
 
     mount rootfs rootfs / ro remount