Android启动init.rc中service的权限问题
Posted Zhang Jun
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Android启动init.rc中service的权限问题相关的知识,希望对你有一定的参考价值。
通过property_set("ctl.start", service_xx)来启动init.rc中的service是一个很方便的方法来调用某个可执行程序或某个脚本程序。
service service_xx/system/bin/xx
disabled
oneshot
但在非AID_ROOT, AID_SYSTEM用户的进程中调用ctl.start, ctl.stop会碰到权限问题:
system/core/init/property_service.c
/*
* White list of UID that are allowed to start/stop services.
* Currently there are no user apps that require.
*/
struct
const char *service;
unsigned int uid;
unsigned int gid;
control_perms[] =
"dumpstate",AID_SHELL, AID_LOG , //表示允许AID_SHELL用户控制 "dumpstate"服务
"ril-daemon",AID_RADIO, AID_RADIO , //表示允许AID_RADIO用户控制 "ril-daemon"服务
NULL, 0, 0
;
/*
* Checks permissions for starting/stoping system services.
* AID_SYSTEM and AID_ROOT are always allowed.
* Returns 1 if uid allowed, 0 otherwise.
*
*/
static int check_control_perms( const char *name, int uid, int gid )
int i;
if ( uid == AID_SYSTEM || uid == AID_ROOT )
return 1;
/* Search the ACL */
for ( i = 0; control_perms[i].service; i++ )
if ( strcmp( control_perms[i].service, name ) == 0 )
if ( (uid && control_perms[i].uid == uid) || (gid && control_perms[i].gid == gid) )
return 1;
return 0;
只有uid == AID_SYSTEM || uid == AID_ROOT或在control_perms[]定义的uid进程才有权限start/stop services
因此,如果我们碰到了权限问题,根据log提示在/system/core/include/private/android_filesystem_config.h
中查到进程定义,添加到control_perms[]列表,比如,uid ==AID_WIFI的某个程序需要权限启动service_xx:
control_perms[] =
"dumpstate",AID_SHELL, AID_LOG ,
+ "service_xx",AID_WIFI, AID_WIFI,
NULL, 0, 0
;
以上是关于Android启动init.rc中service的权限问题的主要内容,如果未能解决你的问题,请参考以下文章
Android 进阶——系统启动之Android init.rc脚本解析