| Age | Commit message (Collapse) | Author |
|---|
|
Bug: 24511454
Change-Id: Ia27f4ef0eb71f891c789f637a21b04afe0b1c4e9
|
|
Change-Id: Iadf8012e6c177bcf487048e1b5a9b4fc51a0aeba
|
|
Bug: http://b/25195825
Change-Id: I913d8425232e79df3f7a051a8cc63de9c60f4780
|
|
-metrics_collector and metricsd gather and upload device metrics.
-webservd is part of the Weave (Brillo remote setup and management) stack.
Bug: 26337609
Change-Id: Icf6ce75e64293adbe773f2ee65e80629f2eeb737
|
|
* Added new kernel GID named "wakelock" (AID_WAKELOCK = 3010)
* Changed the group access for /sys/power/wake_lock and
/sys/power/wake_unlock from "system" to "wakelock"
* Added "wakelock" to the list of groups for the healthd process/service
Bug: 25864142
Change-Id: Ieabee9964cccec3107971a361a43aa9805164aa9
|
|
(Originally in
https://googleplex-android-review.git.corp.google.com/#/c/804752).
Change-Id: I31951cad1bbcec58b21559be0d86581ba9187a92
|
|
Change-Id: I462d4736e772da0a08b4793fc1b971ff261667ea
|
|
Add the following mount options to the /proc filesystem:
hidepid=2,gid=3009
This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).
Please see
https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.
hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.
Add AID_READPROC to processes which need to access /proc entries for
other UIDs.
Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
|
|
* commit 'b955f476d3b11da9378d5eedfc569711f625e1ba':
Add a "tlsdate" AID for unprivileged tlsdate execution.
|
|
Bug: 23651876
Change-Id: I7ab1bccdcd2434c4af663a1afb9fe9ad124c4428
|
|
* commit '66d32c7488e12545218e83195738c95c183760ef':
Use CAP_MASK_LONG for file capabilities.
|
|
Extract the |1ULL << $CAP_NAME| construct to a macro, to avoid
repeating it.
Change-Id: I9312c27130d7e6c5b6ab3b4cc5c70a6b98378b98
|
|
* commit '45ca3d54e0f6be4237efcef5ff121a263d81971d':
Reserve new UID range for OEM.
|
|
Brillo will need to run new native system services, so reserve
a reasonable UID range to accomodate them. Having 1000 UIDs will
allow us to sub-partition this range if needed.
The range can be used by any OEM, not just Brillo, so name it
accordingly.
Bug: 22555869
Change-Id: I752428ee5025bf064a35ecbe6da50c041d87b724
|
|
* commit 'fb1ecbc55e7edeafb138eb2a60ca89ba9a7b1f0f':
Use __ANDROID__ instead of HAVE_ANDROID_OS.
|
|
Change-Id: I9967f3fd758c2a5b40be5b60ae72be7e2fb75136
|
|
* commit '3a8a32413615643320bb140a24ab1d77d9aea804':
Add a "dbus" AID for running dbus-daemon.
|
|
Bug: 22328216
Change-Id: I8478f57d892c6edeb6b101cfa8b38dc5c6262cb2
|
|
Using a getenv('OUT') in such a deep down function is a wrong design
choice. Replacing with explicit parameter that may be NULL in case
device specific files can be accessed from /.
Since TARGET_COPY_OUT_SYSTEM may be defined to something different than
system we also ensure that we use a path relative to TARGET_OUT to
compute path to fs_config_* files.
Bug: 21989305
Bug: 22048934
Change-Id: Id91bc183b29beac7379d1117ad83bd3346e6897b
Signed-off-by: Thierry Strudel <tstrudel@google.com>
|
|
Bug: 19908228
Change-Id: Icb0e189a86758bb779b9bdf7c0d92216d297869f
|
|
Change-Id: Idb050b9ef4e7947664295b173e1b09d65accd3e9
|
|
Bug: 19908228
Change-Id: Id51c0c50eb2677824d052882f4263193a08e1402
|
|
Change-Id: I83716f48754de889d811d74074f9a32dc666c05e
|
|
into lmp-mr1-dev
* commit '70f6dea9d06876bc65181c40ee9e623be196fb4c':
android_filesystem: Remove setuid bits from tcpdump
|
|
Bug: 18669116
Change-Id: I25486f2fe0e994f569b788fc9f03ef6d383f54d4
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
|
Change-Id: I15ae14542214a3802d43892da0d03cfb33e63c96
|
|
OEMs frequently add some AIDs on their own. Reserve some range
for them to use.
Change-Id: I3c729c889c9bd3e105ae4f6fb0c04a42a10eb25c
|
|
* commit '24d2adba7a2f9caa82a88be70ad2fe7397ab310a':
Change /dalvik-cache to be owned by root.
|
|
Bug: 16875245
(cherry picked from commit 3878ebd72493427ea5537b36dfb9cd7cb38677bb)
Change-Id: I29a70215a2207bc4e0db02ab751d32a68edf4b66
|
|
Bug: 16875245
Change-Id: I29a70215a2207bc4e0db02ab751d32a68edf4b66
|
|
* commit '0487e50accf44f13acafad5fb5d76b4958d86550':
Make su 04750
|
|
Currently, /system/xbin/su is world executable. Prior to SELinux
enforcement, anyone (including third party apps) could run su.
The su code itself checks to see if the calling UID is root or shell.
Rather than relying on enforcement within the su binary, modify the
binary so it has group=shell, and remove world-execute permission.
This helps avoid some annoying SELinux denial messages as third party
apps call su on userdebug/eng builds.
Change-Id: I61c9231bb7e201d14ee3a5b6fe81b3fa7b12599f
|
|
in a profile"
* commit '63cdd840f81839bf6ce6e3723c42f09256cf4b3e':
Add new AID shared by all apps in a profile
|
|
|
|
RELRO sharing support."
* commit '4f3ad823eaf97fcbcbb1afac67371aff76677b1d':
Add UID and directory for RELRO sharing support.
|
|
Define a UID to be used by the process responsible for creating shared
RELRO files for the WebView native library, and create a directory owned
by that UID to use to store the files.
Bug: 13005501
Change-Id: I5bbb1e1035405e5534b2681f554fe16f74e3da1a
|
|
Automatically assigned as a GID to all apps running under the same
Android profile. Used for exposing to or sharing files with apps
running in a specific profile.
Analogous to AID_SHARED_GID only the sharing is between processes with
the same userId rather than with the same appId.
The name to be displayed for uids/gids with this AID is 'u*_everyone'.
Change-Id: I46efb749f74cb86868c5609a0ce1a6aab2f9e9c9
|
|
android_filesystem_config."
* commit 'c5aff68693dee788a28a0d0256782cc8521aa2a5':
Include 64bit valgrind in the android_filesystem_config.
|
|
Required so that we set the exectuable bit correctly.
Change-Id: If59bd0ff47d2b4b2b8f92a1c007b4ba414ea1876
|
|
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
(cherry picked from commit 3e76e0a49760c4970b7cda6153e51026af98e4f3)
Author: Nick Kralevich <nnk@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
|
|
* Create a new userspace log daemon for handling logging messages.
Original-Change-Id: I75267df16359684490121e6c31cca48614d79856
Signed-off-by: Nick Kralevich <nnk@google.com>
* Merge conflicts
* rename new syslog daemon to logd to prevent confusion with bionic syslog
* replace racy getGroups call with KISS call to client->getGid()
* Timestamps are filed at logging source
* insert entries into list in timestamp order
* Added LogTimeEntry tail filtration handling
* Added region locking around LogWriter list
* separate threads for each writer
* /dev/socket/logd* permissions
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Change-Id: Ice88b1412d8f9daa7f9119b2b5aaf684a5e28098
|
|
The script that writes the recovery partition after a successful
update of system needs to be made executable. This change also moves
it from /system/etc to /system/bin.
Bug: 12893978
Change-Id: I686e2392a2392515a6859a7381b735de1007b7ea
|
|
Add a service called "pre-recovery" which is normally stopped but can
be started by the system server when we want to go into recovery. It
will do any preparation needed (currently needed to handle update
packages that reside on an encrypted /data partition) and then set
sys.powerctl when it's ready to actually reboot.
Bug: 12188746
Change-Id: I894a4cb200395a0f6d7fe643ed4c2ac0a45d2052
|
|
* Add healthd charger mode ops
* Check for executable invocation as "charger", set charger mode if so
* Incorporate charger executable as healthd charger mode
Change-Id: I4a44e7a4c3a65ae9be94491f7f498aa48d4f8a84
|
|
Changes the FUSE daemon to synthesize an Android-specific set of
filesystem permissions, even when the underlying media storage is
permissionless. This is designed to support several features:
First, apps can access their own files in /Android/data/com.example/
without requiring any external storage permissions. This is enabled
by allowing o+x on parent directories, and assigning the UID owner
based on the directory name (package name). The mapping from package
to appId is parsed from packages.list, which is updated when apps are
added/removed. Changes are observed through inotify. It creates
missing package name directories when requested and valid.
Second, support for separate permissions for photos and audio/video
content on the device through new GIDs which are assigned based on
top-level directory names.
Finally, support for multi-user separation on the same physical media
through new /Android/user/ directory, which will be bind-mounted
into place. It recursively applies the above rules to each secondary
user.
rwxrwx--x root:sdcard_rw /
rwxrwx--- root:sdcard_pics /Pictures
rwxrwx--- root:sdcard_av /Music
rwxrwx--x root:sdcard_rw /Android
rwxrwx--x root:sdcard_rw /Android/data
rwxrwx--- u0_a12:sdcard_rw /Android/data/com.example
rwxrwx--x root:sdcard_rw /Android/obb/
rwxrwx--- u0_a12:sdcard_rw /Android/obb/com.example
rwxrwx--- root:sdcard_all /Android/user
rwxrwx--x root:sdcard_rw /Android/user/10
rwxrwx--- u10_a12:sdcard_rw /Android/user/10/Android/data/com.example
These derived permissions are disabled by default. Switched option
parsing to getopt().
Change-Id: I21bf5d79d13f0f07a6a116122b16395f4f97505b
|
|
plugins" into jb-mr2-dev
* commit '9e9ed1b40010745e709157a6977ba6d053d46c49':
Add a new group for MediaDrm engine plugins
|
|
|
|
* commit '0db6600a60e8d604aaef5e43db9ae52ed7380979':
Remove DBUS from make and header files
|
|
bug: 8702754
Change-Id: I3b7988b64b1dcf4685624e4c1af938e132b82696
|
|
DBUS had been needed by bluetooth bluz stack. It is not needed after
we replaced bluez stack with bluedroid stack.
bug 6872904
Change-Id: I3fa41c1dd4ac80bc679d5950b3b20c7f6d12265f
|
