From 1c13c3d388932cf45377535d94c29bbc4db688bb Mon Sep 17 00:00:00 2001 From: Jorge Lucangeli Obes Date: Thu, 14 Jan 2016 14:52:07 -0800 Subject: [PATCH] Add more first-party Brillo system users. Brillo is converging on a set of mandatory system services to be included in all Brillo builds. We'd like these services to run as separate users just like other native Android/Brillo system services. Add users for these services: -Firewalld: Brillo has more granular firewall requirements (think e.g. Brillo-powered router.) Firewalld exposes a (currently) D-Bus/ (soon to be) Binder API to broker access to IPTables rules. -Trunksd: Some Brillo product configs will require TPMs. Trunksd manages TPMs in Chrome OS and Brillo. Bug: 27299198 Change-Id: Ibe3303acdd9398ea52da0a37dbef73e5c5a948f7 --- include/private/android_filesystem_config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h index c220a0c62..6232f7239 100644 --- a/include/private/android_filesystem_config.h +++ b/include/private/android_filesystem_config.h @@ -89,6 +89,8 @@ #define AID_DEBUGGERD 1045 /* debuggerd unprivileged user */ #define AID_MEDIA_CODEC 1046 /* mediacodec process */ #define AID_CAMERASERVER 1047 /* cameraserver process */ +#define AID_FIREWALL 1048 /* firewalld process */ +#define AID_TRUNKS 1049 /* trunksd process (TPM daemon) */ #define AID_SHELL 2000 /* adb and debug shell user */ #define AID_CACHE 2001 /* cache access */ @@ -196,6 +198,8 @@ static const struct android_id_info android_ids[] = { { "debuggerd", AID_DEBUGGERD, }, { "mediacodec", AID_MEDIA_CODEC, }, { "cameraserver", AID_CAMERASERVER, }, + { "firewall", AID_FIREWALL, }, + { "trunks", AID_TRUNKS, }, { "shell", AID_SHELL, }, { "cache", AID_CACHE, },