Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --- /home/giveen/cm10/device/dell/streak/init.rc (our INIT.RC)
- +++ /home/giveen/Downloads/boot.img-ramdisk/init.rc (WHAT CM10 USES)
- @@ -1,3 +1,13 @@
- +# Copyright (C) 2012 The Android Open Source Project
- +#
- +# IMPORTANT: Do not create world writable files or directories.
- +# This is a common source of Android security bugs.
- +#
- +
- +import /init.${ro.hardware}.rc
- +import /init.usb.rc
- +import /init.trace.rc
- +
- on early-init
- # Set init and its forked children's oom_adj.
- write /proc/1/oom_adj -16
- @@ -17,12 +27,9 @@
- export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
- export LD_LIBRARY_PATH /vendor/lib:/system/lib
- export ANDROID_BOOTLOGO 1
- - export ANDROID_CACHE /cache
- export ANDROID_ROOT /system
- export ANDROID_ASSETS /system/app
- export ANDROID_DATA /data
- - export DOWNLOAD_CACHE /cache/download
- - export EXTERNAL_STORAGE /mnt/sdcard
- export ASEC_MOUNTPOINT /mnt/asec
- export LOOP_MOUNTPOINT /mnt/obb
- export BOOTCLASSPATH /system/framework/core.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/framework2.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/apache-xml.jar
- @@ -34,25 +41,16 @@
- # Right now vendor lives on the same filesystem as system,
- # but someday that may change.
- symlink /system/vendor /vendor
- -
- -# create mountpoints
- - mkdir /mnt 0775 root system
- - mkdir /mnt/sdcard 0000 system system
- # Create cgroup mount point for cpu accounting
- mkdir /acct
- mount cgroup none /acct cpuacct
- mkdir /acct/uid
- -# Backwards Compat - XXX: Going away in G*
- - symlink /mnt/sdcard /sdcard
- -
- mkdir /system
- mkdir /data 0771 system system
- mkdir /cache 0771 system cache
- mkdir /config 0500 root root
- - mkdir /persist 0771 system system
- - mkdir /firstboot 0755 system system
- # Directory for putting things only root should see.
- mkdir /mnt/secure 0700 root root
- @@ -80,25 +78,36 @@
- write /proc/sys/kernel/sched_compat_yield 1
- write /proc/sys/kernel/sched_child_runs_first 0
- write /proc/sys/kernel/randomize_va_space 2
- + write /proc/sys/kernel/kptr_restrict 2
- + write /proc/sys/kernel/dmesg_restrict 1
- + write /proc/sys/vm/mmap_min_addr 32768
- + write /proc/sys/kernel/sched_rt_runtime_us 950000
- + write /proc/sys/kernel/sched_rt_period_us 1000000
- # Create cgroup mount points for process groups
- mkdir /dev/cpuctl
- mount cgroup none /dev/cpuctl cpu
- chown system system /dev/cpuctl
- chown system system /dev/cpuctl/tasks
- - chmod 0777 /dev/cpuctl/tasks
- + chmod 0660 /dev/cpuctl/tasks
- write /dev/cpuctl/cpu.shares 1024
- -
- - mkdir /dev/cpuctl/fg_boost
- - chown system system /dev/cpuctl/fg_boost/tasks
- - chmod 0777 /dev/cpuctl/fg_boost/tasks
- - write /dev/cpuctl/fg_boost/cpu.shares 1024
- -
- - mkdir /dev/cpuctl/bg_non_interactive
- - chown system system /dev/cpuctl/bg_non_interactive/tasks
- - chmod 0777 /dev/cpuctl/bg_non_interactive/tasks
- + write /dev/cpuctl/cpu.rt_runtime_us 950000
- + write /dev/cpuctl/cpu.rt_period_us 1000000
- +
- + mkdir /dev/cpuctl/apps
- + chown system system /dev/cpuctl/apps/tasks
- + chmod 0666 /dev/cpuctl/apps/tasks
- + write /dev/cpuctl/apps/cpu.shares 1024
- + write /dev/cpuctl/apps/cpu.rt_runtime_us 800000
- + write /dev/cpuctl/apps/cpu.rt_period_us 1000000
- +
- + mkdir /dev/cpuctl/apps/bg_non_interactive
- + chown system system /dev/cpuctl/apps/bg_non_interactive/tasks
- + chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks
- # 5.0 %
- - write /dev/cpuctl/bg_non_interactive/cpu.shares 52
- + write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52
- + write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000
- + write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000
- # Allow everybody to read the xt_qtaguid resource tracking misc dev.
- # This is needed by any process that uses socket tagging.
- @@ -108,10 +117,9 @@
- # mount mtd partitions
- # Mount /system rw first to give the filesystem a chance to save a checkpoint
- mount yaffs2 mtd@system /system
- - mount yaffs2 mtd@system /system rw remount
- - mount yaffs2 mtd@userdata /firstboot
- - mount ext4 /dev/block/innersd0p6 /data noatime nosuid nodev nodiratime errors=continue barrier=0 noauto_da_alloc nobh data=writeback
- - mount ext4 /dev/block/innersd0p5 /cache noatime nosuid nodev nodiratime errors=continue barrier=0 noauto_da_alloc nobh data=writeback
- + mount yaffs2 mtd@system /system ro remount
- + mount yaffs2 mtd@userdata /data nosuid nodev
- + mount yaffs2 mtd@cache /cache nosuid nodev
- on post-fs
- # once everything is setup, no need to modify /
- @@ -159,7 +167,7 @@
- write /proc/apanic_console 1
- -# create basic filesystem structure
- + # create basic filesystem structure
- mkdir /data/misc 01771 system misc
- mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth
- mkdir /data/misc/bluetooth 0770 system system
- @@ -167,34 +175,27 @@
- mkdir /data/misc/keychain 0771 system system
- mkdir /data/misc/vpn 0770 system vpn
- mkdir /data/misc/systemkeys 0700 system system
- - mkdir /data/misc/vpn/profiles 0770 system system
- # give system access to wpa_supplicant.conf for backup and restore
- mkdir /data/misc/wifi 0770 wifi wifi
- - chmod 0770 /data/misc/wifi
- chmod 0660 /data/misc/wifi/wpa_supplicant.conf
- - mkdir /data/local 0771 shell shell
- + mkdir /data/local 0751 root root
- +
- + # For security reasons, /data/local/tmp should always be empty.
- + # Do not place files or directories in /data/local/tmp
- mkdir /data/local/tmp 0771 shell shell
- - mkdir /data/local/download 0771 system cache
- mkdir /data/data 0771 system system
- mkdir /data/app-private 0771 system system
- + mkdir /data/app-asec 0700 root root
- mkdir /data/app 0771 system system
- mkdir /data/property 0700 root root
- + mkdir /data/ssh 0750 root shell
- + mkdir /data/ssh/empty 0700 root root
- mkdir /data/radio 0770 radio radio
- - # DRM
- - mkdir /data/misc/drm 0777 system system
- - chmod 0777 /data/misc/drm
- - # symlink /data/misc/drm /system/etc/security/drm
- -
- - mkdir /cache/download 0771 system cache
- -
- - # create dalvik-cache and double-check the perms
- +
- + # create dalvik-cache and double-check the perms, so as to enforce our permissions
- mkdir /data/dalvik-cache 0771 system system
- chown system system /data/dalvik-cache
- chmod 0771 /data/dalvik-cache
- -
- - mkdir /cache/dalvik-cache 0771 system system
- - chown system system /cache/dalvik-cache
- - chmod 0771 /cache/dalvik-cache
- # create resource-cache and double-check the perms
- mkdir /data/resource-cache 0771 system system
- @@ -202,40 +203,11 @@
- chmod 0771 /data/resource-cache
- # create the lost+found directories, so as to enforce our permissions
- - mkdir /data/lost+found 0770
- - mkdir /cache/lost+found 0770
- -
- - # double check the perms, in case lost+found already exists, and set owner
- - chown root root /data/lost+found
- - chmod 0770 /data/lost+found
- - chown root root /cache/lost+found
- - chmod 0770 /cache/lost+found
- -
- - # allow net_raw to have access to /dev/socket directory
- - chown root net_raw /dev/socket
- - chmod 0775 /dev/socket
- -
- -# Change bootloader control ownership.
- - chown system system /proc/loader
- - chmod 0777 /proc/loader
- -
- -# Shuli, create system log folders.
- - mkdir /data/systemlog 0777 root root
- - mkdir /data/systemlog/wakelock 0777 root root
- - mkdir /data/systemlog/kwakelock 0777 root root
- - mkdir /data/systemlog/kwakelock_main 0777 root root
- - mkdir /data/systemlog/reload 0777 root root
- - chown root system /sys/devices/virtual/misc/lsensor_taos/ctrl
- - chown root system /sys/class/leds/lcd-backlight/mode
- - chown media camera /sys/class/msm_camera/austin/sensor
- - chown media camera /sys/class/msm_camera/austin/status
- -
- -# Shuli, logfilter, leave this at the bottom.
- -on property:ro.build.FEATURE_LOGFILTER_MTD3=1
- - chmod 0666 /dev/mtd/mtd3
- -
- -on property:ro.build.FEATURE_LOGFILTER_MTD4=1
- - chmod 0666 /dev/mtd/mtd4
- + mkdir /data/lost+found 0770 root root
- +
- + # create directory for DRM plug-ins - give drm the read/write access to
- + # the following directory.
- + mkdir /data/drm 0770 drm drm
- # If there is no fs-post-data action in the init.<device>.rc file, you
- # must uncomment this line, otherwise encrypted filesystems
- @@ -243,13 +215,8 @@
- # Set indication (checked by vold) that we have finished this action
- #setprop vold.post_fs_data_done 1
- - chown system system /sys/class/android_usb/android0/f_mass_storage/lun/file
- - chmod 0660 /sys/class/android_usb/android0/f_mass_storage/lun/file
- - chown system system /sys/class/android_usb/android0/f_rndis/ethaddr
- - chmod 0660 /sys/class/android_usb/android0/f_rndis/ethaddr
- -
- # Include extra init file
- - import /system/etc/init.local.rc
- + import /init.cm.rc
- on boot
- # basic network init
- @@ -257,17 +224,12 @@
- hostname localhost
- domainname localdomain
- - mkdir /data/misc/wifi 0777 wifi wifi
- - mkdir /data/misc/wifi/sockets 0777 wifi wifi
- - mkdir /data/misc/dhcp 0770 dhcp dhcp
- - chown dhcp dhcp /data/misc/dhcp
- -
- # set RLIMIT_NICE to allow priorities from 19 to -20
- setrlimit 13 40 40
- # Memory management. Basic kernel parameters, and allow the high
- # level system server to be able to adjust the kernel OOM driver
- -# paramters to match how it is managing things.
- +# parameters to match how it is managing things.
- write /proc/sys/vm/overcommit_memory 1
- write /proc/sys/vm/min_free_order_shift 4
- chown root system /sys/module/lowmemorykiller/parameters/adj
- @@ -279,21 +241,44 @@
- write /proc/sys/vm/dirty_expire_centisecs 200
- write /proc/sys/vm/dirty_background_ratio 5
- - # Adjust socket buffer to enlarge TCP receive window for high bandwidth
- - write /proc/sys/net/ipv4/tcp_adv_win_scale 1
- -
- # Permissions for System Server and daemons.
- chown radio system /sys/android_power/state
- chown radio system /sys/android_power/request_state
- chown radio system /sys/android_power/acquire_full_wake_lock
- chown radio system /sys/android_power/acquire_partial_wake_lock
- chown radio system /sys/android_power/release_wake_lock
- - chown radio system /sys/power/state
- + chown system system /sys/power/state
- + chown system system /sys/power/wakeup_count
- chown radio system /sys/power/wake_lock
- chown radio system /sys/power/wake_unlock
- chmod 0660 /sys/power/state
- chmod 0660 /sys/power/wake_lock
- chmod 0660 /sys/power/wake_unlock
- +
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/boost
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse
- + chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost
- + chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost
- +
- + # Assume SMP uses shared cpufreq policy for all CPUs
- + chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
- + chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
- + chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
- + chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
- + chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
- + chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
- +
- chown system system /sys/class/timed_output/vibrator/enable
- chown system system /sys/class/leds/keyboard-backlight/brightness
- chown system system /sys/class/leds/lcd-backlight/brightness
- @@ -312,11 +297,6 @@
- chown system system /sys/class/leds/red/device/grppwm
- chown system system /sys/class/leds/red/device/blink
- chown system system /sys/class/timed_output/vibrator/enable
- -
- - # Menghan Cheng, 20100428, flash light for camera
- - chown media camera /sys/class/leds/spotlight/brightness
- - chown media camera /sys/class/timed_output/flash/enable
- -
- chown system system /sys/module/sco/parameters/disable_esco
- chown system system /sys/kernel/ipv4/tcp_wmem_min
- chown system system /sys/kernel/ipv4/tcp_wmem_def
- @@ -326,45 +306,20 @@
- chown system system /sys/kernel/ipv4/tcp_rmem_max
- chown root radio /proc/cmdline
- - chown system system /sys/module/g_android/parameters/product_id
- - chown system system /sys/module/g_android/parameters/set_rndis
- - chown system system /sys/devices/platform/msm_sdcc.1/polling
- - chown system system /sys/devices/platform/msm_sdcc.2/polling
- - chown system system /sys/devices/platform/msm_sdcc.3/polling
- - chown system system /sys/devices/platform/msm_sdcc.4/polling
- - chown system system /sys/devices/platform/android_usb/composition
- - chown system system /sys/devices/platform/android_usb/remote_wakeup
- -
- - # allow system to modify cpufreq control files
- - chown root system /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
- - chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
- - chown root system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
- - chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq
- - chown root system /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
- - chmod 0664 /sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq
- -
- -# Shuli
- - chmod 0666 /dev/auo_misc_touch
- -
- # Define TCP buffer sizes for various networks
- # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,
- - setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208
- + setprop net.tcp.buffersize.default 4096,87380,704512,4096,16384,110208
- setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576
- - setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576
- - setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208
- - setprop net.tcp.buffersize.hspa 4094,87380,262144,4096,16384,262144
- - setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040
- - setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680
- -
- -# allow system to modify ksm control files
- - chown root system /sys/kernel/mm/ksm/pages_to_scan
- - chmod 0664 /sys/kernel/mm/ksm/pages_to_scan
- - chown root system /sys/kernel/mm/ksm/sleep_millisecs
- - chmod 0664 /sys/kernel/mm/ksm/sleep_millisecs
- - chown root system /sys/kernel/mm/ksm/run
- - chmod 0664 /sys/kernel/mm/ksm/run
- - write /sys/kernel/mm/ksm/sleep_millisecs 1500
- - write /sys/kernel/mm/ksm/pages_to_scan 256
- + setprop net.tcp.buffersize.lte 4096,87380,1220608,4096,16384,563200
- + setprop net.tcp.buffersize.umts 4096,87380,563200,4096,16384,110208
- + setprop net.tcp.buffersize.hspa 4096,87380,704512,4096,16384,110208
- + setprop net.tcp.buffersize.hsupa 4096,87380,704512,4096,16384,262144
- + setprop net.tcp.buffersize.hsdpa 4096,87380,704512,4096,16384,262144
- + setprop net.tcp.buffersize.hspap 4096,87380,1220608,4096,16384,393216
- + setprop net.tcp.buffersize.edge 4096,26280,35040,4096,16384,35040
- + setprop net.tcp.buffersize.gprs 4096,8760,11680,4096,8760,11680
- + setprop net.tcp.buffersize.evdo 4096,87380,563200,4096,16384,262144
- + setprop net.tcp.buffersize.evdo_b 4096,87380,704512,4096,16384,262144
- # Set this property so surfaceflinger is not started by system_init
- setprop system_init.startsurfaceflinger 0
- @@ -400,49 +355,6 @@
- on property:vold.decrypt=trigger_shutdown_framework
- class_reset late_start
- class_reset main
- -
- -# Used to disable USB when switching states
- -on property:sys.usb.config=none
- - stop adbd
- - write /sys/class/android_usb/android0/enable 0
- - write /sys/class/android_usb/android0/bDeviceClass 0
- - setprop sys.usb.state $sys.usb.config
- -
- -# adb only USB configuration
- -# This should only be used during device bringup
- -# and as a fallback if the USB manager fails to set a standard configuration
- -on property:sys.usb.config=adb
- - write /sys/class/android_usb/android0/enable 0
- - write /sys/class/android_usb/android0/idVendor 18d1
- - write /sys/class/android_usb/android0/idProduct D002
- - write /sys/class/android_usb/android0/functions $sys.usb.config
- - write /sys/class/android_usb/android0/enable 1
- - start adbd
- - setprop sys.usb.state $sys.usb.config
- -
- -# USB accessory configuration
- -on property:sys.usb.config=accessory
- - write /sys/class/android_usb/android0/enable 0
- - write /sys/class/android_usb/android0/idVendor 18d1
- - write /sys/class/android_usb/android0/idProduct 2d00
- - write /sys/class/android_usb/android0/functions $sys.usb.config
- - write /sys/class/android_usb/android0/enable 1
- - setprop sys.usb.state $sys.usb.config
- -
- -# USB accessory configuration, with adb
- -on property:sys.usb.config=accessory,adb
- - write /sys/class/android_usb/android0/enable 0
- - write /sys/class/android_usb/android0/idVendor 18d1
- - write /sys/class/android_usb/android0/idProduct 2d01
- - write /sys/class/android_usb/android0/functions $sys.usb.config
- - write /sys/class/android_usb/android0/enable 1
- - start adbd
- - setprop sys.usb.state $sys.usb.config
- -
- -# Used to set USB configuration at boot and to switch the configuration
- -# when changing the default configuration
- -on property:persist.sys.usb.config=*
- - setprop sys.usb.config $persist.sys.usb.config
- ## Daemon processes to be run by init.
- ##
- @@ -468,18 +380,6 @@
- # adbd on at boot in emulator
- on property:ro.kernel.qemu=1
- start adbd
- -
- -# This property trigger has added to imitiate the previous behavior of "adb root".
- -# The adb gadget driver used to reset the USB bus when the adbd daemon exited,
- -# and the host side adb relied on this behavior to force it to reconnect with the
- -# new adbd instance after init relaunches it. So now we force the USB bus to reset
- -# here when adbd sets the service.adb.root property to 1. We also restart adbd here
- -# rather than waiting for init to notice its death and restarting it so the timing
- -# of USB resetting and adb restarting more closely matches the previous behavior.
- -on property:service.adb.root=1
- - write /sys/class/android_usb/android0/enable 0
- - restart adbd
- - write /sys/class/android_usb/android0/enable 1
- service servicemanager /system/bin/servicemanager
- class core
- @@ -500,11 +400,9 @@
- class main
- socket netd stream 0660 root system
- socket dnsproxyd stream 0660 root inet
- + socket mdns stream 0660 root system
- service debuggerd /system/bin/debuggerd
- - class main
- -
- -service qmuxd /system/bin/qmuxd
- class main
- service ril-daemon /system/bin/rild
- @@ -512,7 +410,7 @@
- socket rild stream 660 root radio
- socket rild-debug stream 660 radio system
- user root
- - group radio cache inet misc audio sdcard_rw qcom_oncrpc diag
- + group radio cache inet misc audio sdcard_r sdcard_rw qcom_oncrpc qcom_diag log
- service surfaceflinger /system/bin/surfaceflinger
- class main
- @@ -522,7 +420,7 @@
- service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server
- class main
- - socket zygote stream 666
- + socket zygote stream 660 root system
- onrestart write /sys/android_power/request_state wake
- onrestart write /sys/power/state on
- onrestart restart media
- @@ -531,12 +429,12 @@
- service drm /system/bin/drmserver
- class main
- user drm
- - group system inet drmrpc
- + group drm system inet drmrpc sdcard_r
- service media /system/bin/mediaserver
- class main
- user media
- - group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc
- + group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc qcom_diag
- ioprio rt 4
- service bootanim /system/bin/bootanimation
- @@ -584,7 +482,7 @@
- service keystore /system/bin/keystore /data/misc/keystore
- class main
- user keystore
- - group keystore
- + group keystore drmrpc
- socket keystore stream 666
- service dumpstate /system/bin/dumpstate -s
- @@ -593,13 +491,14 @@
- disabled
- oneshot
- -#Orville,20101013
- -#service dbupgrade /system/bin/dbupgrade
- -# user root
- -# group root
- -# oneshot
- -
- -#service hitop /system/bin/hitop
- -# user root
- -# group root
- -# oneshot
- +service sshd /system/bin/start-ssh
- + class main
- + disabled
- +
- +service mdnsd /system/bin/mdnsd
- + class main
- + user mdnsr
- + group inet net_raw
- + socket mdnsd stream 0660 mdnsr inet
- + disabled
- + oneshot
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement