ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

am 2f924ebe: am a94d2b39: Merge "Add a restorecon_recursive built-in command to init."

Browse source 
* commit '2f924ebe0b0891dba1996c246839427b23705018':
  Add a restorecon_recursive built-in command to init.
This commit is contained in:
Nick Kralevich 2013-10-10 12:38:44 -07:00 committed by Android Git Automerger
commit aa4051dc4f
4 changed files with 24 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
init/builtins.c
View file

@ -797,12 +797,24 @@ int do_chmod(int nargs, char **args) {
int do_restorecon(int nargs, char **args) { int do_restorecon(int nargs, char **args) {
int i; int i;
int ret = 0;
for (i = 1; i < nargs; i++) { for (i = 1; i < nargs; i++) {
if (restorecon(args[i]) < 0) if (restorecon(args[i]) < 0)
return -errno; ret = -errno;
} }
return 0; return ret;
}
int do_restorecon_recursive(int nargs, char **args) {
int i;
int ret = 0;
for (i = 1; i < nargs; i++) {
if (restorecon_recursive(args[i]) < 0)
ret = -errno;
}
return ret;
} }
int do_setsebool(int nargs, char **args) { int do_setsebool(int nargs, char **args) {

1
init/init_parser.c
View file

@ -135,6 +135,7 @@ int lookup_keyword(const char *s)
case 'r': case 'r':
if (!strcmp(s, "estart")) return K_restart; if (!strcmp(s, "estart")) return K_restart;
if (!strcmp(s, "estorecon")) return K_restorecon; if (!strcmp(s, "estorecon")) return K_restorecon;
if (!strcmp(s, "estorecon_recursive")) return K_restorecon_recursive;
if (!strcmp(s, "mdir")) return K_rmdir; if (!strcmp(s, "mdir")) return K_rmdir;
if (!strcmp(s, "m")) return K_rm; if (!strcmp(s, "m")) return K_rm;
break; break;

2
init/keywords.h
View file

@ -17,6 +17,7 @@ int do_mount(int nargs, char **args);
int do_powerctl(int nargs, char **args); int do_powerctl(int nargs, char **args);
int do_restart(int nargs, char **args); int do_restart(int nargs, char **args);
int do_restorecon(int nargs, char **args); int do_restorecon(int nargs, char **args);
int do_restorecon_recursive(int nargs, char **args);
int do_rm(int nargs, char **args); int do_rm(int nargs, char **args);
int do_rmdir(int nargs, char **args); int do_rmdir(int nargs, char **args);
int do_setcon(int nargs, char **args); int do_setcon(int nargs, char **args);
@ -71,6 +72,7 @@ enum {
KEYWORD(powerctl, COMMAND, 1, do_powerctl) KEYWORD(powerctl, COMMAND, 1, do_powerctl)
KEYWORD(restart, COMMAND, 1, do_restart) KEYWORD(restart, COMMAND, 1, do_restart)
KEYWORD(restorecon, COMMAND, 1, do_restorecon) KEYWORD(restorecon, COMMAND, 1, do_restorecon)
KEYWORD(restorecon_recursive, COMMAND, 1, do_restorecon_recursive)
KEYWORD(rm, COMMAND, 1, do_rm) KEYWORD(rm, COMMAND, 1, do_rm)
KEYWORD(rmdir, COMMAND, 1, do_rmdir) KEYWORD(rmdir, COMMAND, 1, do_rmdir)
KEYWORD(seclabel, OPTION, 0, 0) KEYWORD(seclabel, OPTION, 0, 0)

8
init/readme.txt
View file

@ -192,12 +192,18 @@ mount <type> <device> <dir> [ <mountoption> ]*
device by name. device by name.
<mountoption>s include "ro", "rw", "remount", "noatime", ... <mountoption>s include "ro", "rw", "remount", "noatime", ...
restorecon <path> restorecon <path> [ <path> ]*
Restore the file named by <path> to the security context specified Restore the file named by <path> to the security context specified
in the file_contexts configuration. in the file_contexts configuration.
Not required for directories created by the init.rc as these are Not required for directories created by the init.rc as these are
automatically labeled correctly by init. automatically labeled correctly by init.
restorecon_recursive <path> [ <path> ]*
Recursively restore the directory tree named by <path> to the
security contexts specified in the file_contexts configuration.
Do NOT use this with paths leading to shell-writable or app-writable
directories, e.g. /data/local/tmp, /data/data or any prefix thereof.
setcon <securitycontext> setcon <securitycontext>
Set the current process security context to the specified string. Set the current process security context to the specified string.
This is typically only used from early-init to set the init context This is typically only used from early-init to set the init context