Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d32c36c9 authored by Luis Hector Chavez's avatar Luis Hector Chavez
Browse files

logd: Move the capabilities from file based to ambient 

This change moves logd's capabilities from being file based to being set
by init through ambient capabilities.

Bug: 62845925
Test: sailfish:/ # grep Cap /proc/`pidof logd`/status
      CapInh: 0000000000000000
      CapPrm: 0000000440000000
      CapEff: 0000000440000000
      CapBnd: 0000000440000040
      CapAmb: 0000000000000000
      $ capsh --decode=0x440000040
      0x440000040=cap_setgid,cap_audit_control,cap_syslog
Test: liblog-unit-tests, logd-unit-tests, logcat-unit-tests
Change-Id: I28c7c4ad37ad5eafd399aef78c303ce31298a9ef
parent 59112043

libcutils/fs_config.cpp

+1 −4
Original line number Diff line number Diff line
@@ -154,6 +154,7 @@ static const struct fs_path_config android_files[] = { 
    { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/crash_dump64" },

    { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/debuggerd" },

    { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/install-recovery.sh" },

    { 00550, AID_LOGD,      AID_LOGD,      0, "system/bin/logd" },

    { 00700, AID_ROOT,      AID_ROOT,      0, "system/bin/secilc" },

    { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/uncrypt" },

    { 00600, AID_ROOT,      AID_ROOT,      0, "system/build.prop" },
@@ -179,10 +180,6 @@ static const struct fs_path_config android_files[] = { 
    // in user builds.

    { 00700, AID_SYSTEM,    AID_SHELL,     CAP_MASK_LONG(CAP_BLOCK_SUSPEND),

                                              "system/bin/inputflinger" },

    { 00550, AID_LOGD,      AID_LOGD,      CAP_MASK_LONG(CAP_SYSLOG) |

                                           CAP_MASK_LONG(CAP_AUDIT_CONTROL) |

                                           CAP_MASK_LONG(CAP_SETGID),

                                              "system/bin/logd" },

    { 00550, AID_SYSTEM,    AID_LOG,      CAP_MASK_LONG(CAP_SYSLOG),

                                              "system/bin/bootstat" },

    { 00750, AID_ROOT,      AID_SHELL,     CAP_MASK_LONG(CAP_SETUID) |

logd/logd.rc

+1 −0
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ service logd /system/bin/logd 
    file /dev/kmsg w

    user logd

    group logd system package_info readproc

    capabilities SYSLOG AUDIT_CONTROL SETGID

    writepid /dev/cpuset/system-background/tasks



service logd-reinit /system/bin/logd --reinit