| /* |
| * Copyright (C) 2015 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| /* This file is used to define the properties of the filesystem |
| ** images generated by build tools (mkbootfs and mkyaffs2image) and |
| ** by the device side of adb. |
| */ |
| |
| #include <private/android_filesystem_config.h> |
| |
| #define NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_DIRS |
| |
| /* Rules for files. |
| ** These rules are applied based on "first match", so they |
| ** should start with the most specific path and work their |
| ** way up to the root. Prefixes ending in * denote wildcards |
| ** and will allow partial matches. |
| */ |
| static const struct fs_path_config android_device_files[] = { |
| { 00700, AID_SYSTEM, AID_SHELL, CAP_MASK_LONG(CAP_BLOCK_SUSPEND), "system/bin/nativepowerman" }, |
| { 00700, AID_SYSTEM, AID_SHELL, CAP_MASK_LONG(CAP_SYS_TIME), "system/bin/tlsdated" }, |
| { 00700, AID_WEBSERV, AID_SHELL, CAP_MASK_LONG(CAP_NET_BIND_SERVICE), "system/bin/webservd" }, |
| |
| { 00700, AID_DHCP, AID_DBUS, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_BIND_SERVICE) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/dhcpcd-6.8.2" }, |
| { 00700, AID_WIFI, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/wpa_supplicant" }, |
| { 00755, AID_WIFI, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/apmanager" }, |
| { 00755, AID_WIFI, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_BIND_SERVICE) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/dnsmasq" }, |
| { 00755, AID_WIFI, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/hostapd" }, |
| |
| /* |
| * 00755 because 'ip(6)tables' is also executed by root in |
| * 'init.firewall(-adb)-setup.sh'. |
| */ |
| { 00755, AID_FIREWALL, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/iptables" }, |
| { 00755, AID_FIREWALL, AID_SHELL, CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_NET_RAW), "system/bin/ip6tables" }, |
| |
| { 00700, AID_BLUETOOTH, AID_SHELL, CAP_MASK_LONG(CAP_BLOCK_SUSPEND) | |
| CAP_MASK_LONG(CAP_NET_ADMIN) | |
| CAP_MASK_LONG(CAP_WAKE_ALARM), "system/bin/bluetoothtbd" }, |
| |
| { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.firewall-adbd-setup.sh" }, |
| { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.firewall-setup.sh" }, |
| { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.wifi-setup.sh" }, |
| }; |