Gitiles
Code Review Sign In
gerrit.aospa.co / AOSPA / android_system_core / 88dc657d50cb3289a9011828c497eee996ed958c^! / .
commit88dc657d50cb3289a9011828c497eee996ed958c[log] [tgz]
authorChia-chi Yeh <chiachi@android.com>Fri Jun 19 14:59:08 2009 +0800
committerChia-chi Yeh <chiachi@android.com>Fri Jun 19 15:53:28 2009 +0800
tree8d703a2e08d9dbe206cd5fdadeb535672252a6d5
parentabd54c1b78983ce425250dba137e203b7020637e [diff]
Add device, property, directory, and file permissions for VPN.

diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h
index 4590626..6ba574b 100644
--- a/include/private/android_filesystem_config.h
+++ b/include/private/android_filesystem_config.h

@@ -62,6 +62,7 @@
 #define AID_NET_BT        3002  /* bluetooth: create sco, rfcomm or l2cap sockets */
 #define AID_INET          3003  /* can create AF_INET and AF_INET6 sockets */
 #define AID_NET_RAW       3004  /* can create raw INET sockets */
+#define AID_NET_ADMIN     3005  /* can configure interfaces and routing tables. */
 
 #define AID_MISC          9998  /* access to misc storage */
 #define AID_NOBODY        9999
@@ -101,6 +102,7 @@
     { "keystore",  AID_KEYSTORE, },
     { "inet",      AID_INET, },
     { "net_raw",   AID_NET_RAW, },
+    { "net_admin", AID_NET_ADMIN, },
     { "misc",      AID_MISC, },
     { "nobody",    AID_NOBODY, },
 };
@@ -135,7 +137,7 @@
     { 00750, AID_ROOT,   AID_SHELL,  "sbin" },
     { 00755, AID_ROOT,   AID_SHELL,  "system/bin" },
     { 00755, AID_ROOT,   AID_SHELL,  "system/xbin" },
-    { 00777, AID_ROOT,   AID_ROOT,   "system/etc/ppp" }, /* REMOVE */
+    { 00755, AID_ROOT,   AID_ROOT,   "system/etc/ppp" },
     { 00777, AID_ROOT,   AID_ROOT,   "sdcard" },
     { 00755, AID_ROOT,   AID_ROOT,   0 },
 };
@@ -147,20 +149,18 @@
 ** and will allow partial matches.
 */
 static struct fs_path_config android_files[] = {
-    { 00555, AID_ROOT,      AID_ROOT,      "system/etc/ppp/ip-up" },
-    { 00555, AID_ROOT,      AID_ROOT,      "system/etc/ppp/ip-down" },
     { 00440, AID_ROOT,      AID_SHELL,     "system/etc/init.goldfish.rc" },
     { 00550, AID_ROOT,      AID_SHELL,     "system/etc/init.goldfish.sh" },
     { 00440, AID_ROOT,      AID_SHELL,     "system/etc/init.trout.rc" },
     { 00550, AID_ROOT,      AID_SHELL,     "system/etc/init.ril" },
     { 00550, AID_ROOT,      AID_SHELL,     "system/etc/init.testmenu" },
-    { 00550, AID_ROOT,      AID_SHELL,     "system/etc/init.gprs-pppd" },
     { 00550, AID_DHCP,      AID_SHELL,     "system/etc/dhcpcd/dhcpcd-run-hooks" },
     { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/dbus.conf" },
     { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/hcid.conf" },
     { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/input.conf" },
     { 00440, AID_BLUETOOTH, AID_BLUETOOTH, "system/etc/bluez/audio.conf" },
-    { 00440, AID_RADIO,     AID_AUDIO,     "/system/etc/AudioPara4.csv" },
+    { 00440, AID_RADIO,     AID_AUDIO,     "system/etc/AudioPara4.csv" },
+    { 00555, AID_ROOT,      AID_ROOT,      "system/etc/ppp/*" },
     { 00644, AID_SYSTEM,    AID_SYSTEM,    "data/app/*" },
     { 00644, AID_SYSTEM,    AID_SYSTEM,    "data/app-private/*" },
     { 00644, AID_APP,       AID_APP,       "data/data/*" },

diff --git a/init/devices.c b/init/devices.c
index 49335a5..ac72b34 100644
--- a/init/devices.c
+++ b/init/devices.c

@@ -132,7 +132,8 @@
     { "/dev/qmi0",          0640,   AID_RADIO,      AID_RADIO,      0 },
     { "/dev/qmi1",          0640,   AID_RADIO,      AID_RADIO,      0 },
     { "/dev/qmi2",          0640,   AID_RADIO,      AID_RADIO,      0 },
-    { "/dev/tun",           0640,   AID_VPN  ,      AID_VPN,        0 },
+    { "/dev/ppp",           0660,   AID_RADIO,      AID_VPN,        0 },
+    { "/dev/tun",           0640,   AID_VPN,        AID_VPN,        0 },
     { NULL, 0, 0, 0, 0 },
 };
 

diff --git a/init/property_service.c b/init/property_service.c
index 48ca3ea..23a8821 100644
--- a/init/property_service.c
+++ b/init/property_service.c

@@ -67,6 +67,8 @@
     { "wlan.",		AID_SYSTEM },
     { "dhcp.",		AID_SYSTEM },
     { "dhcp.",		AID_DHCP },
+    { "vpn.",		AID_SYSTEM },
+    { "vpn.",		AID_VPN },
     { "debug.",		AID_SHELL },
     { "log.",		AID_SHELL },
     { "service.adb.root",	AID_SHELL },