243 lines
9.5 KiB
Plaintext
243 lines
9.5 KiB
Plaintext
on early-fs
|
|
start vold
|
|
|
|
on post-fs
|
|
restorecon_recursive /metadata
|
|
mkdir /metadata/vold
|
|
chmod 0700 /metadata/vold
|
|
mkdir /metadata/password_slots 0771 root system
|
|
mkdir /metadata/bootstat 0750 system log
|
|
mkdir /metadata/ota 0700 root system
|
|
mkdir /metadata/ota/snapshots 0700 root system
|
|
|
|
mkdir /metadata/apex 0700 root system
|
|
mkdir /metadata/apex/sessions 0700 root system
|
|
|
|
on post-fs-data
|
|
mark_post_data
|
|
|
|
# Start checkpoint before we touch data
|
|
exec - system system -- /system/bin/vdc checkpoint prepareCheckpoint
|
|
|
|
# We chown/chmod /data again so because mount is run as root + defaults
|
|
chown system system /data
|
|
chmod 0771 /data
|
|
# We restorecon /data in case the userdata partition has been reset.
|
|
restorecon /data
|
|
|
|
# Make sure we have the device encryption key.
|
|
installkey /data
|
|
|
|
# Start bootcharting as soon as possible after the data partition is
|
|
# mounted to collect more data.
|
|
mkdir /data/bootchart 0755 shell shell
|
|
bootchart start
|
|
|
|
# Load fsverity keys. This needs to happen before apexd, as post-install of
|
|
# APEXes may rely on keys.
|
|
exec -- /system/bin/fsverity_init
|
|
|
|
# Make sure that apexd is started in the default namespace
|
|
enter_default_mount_ns
|
|
|
|
# /data/apex is now available. Start apexd to scan and activate APEXes.
|
|
mkdir /data/apex 0750 root system
|
|
mkdir /data/apex/active 0750 root system
|
|
mkdir /data/apex/backup 0700 root system
|
|
mkdir /data/apex/sessions 0700 root system
|
|
mkdir /data/app-staging 0750 system system
|
|
start apexd
|
|
|
|
# Avoid predictable entropy pool. Carry over entropy from previous boot.
|
|
copy /data/system/entropy.dat /dev/urandom
|
|
|
|
# create basic filesystem structure
|
|
mkdir /data/misc 01771 system misc
|
|
mkdir /data/misc/recovery 0770 system log
|
|
copy /data/misc/recovery/ro.build.fingerprint /data/misc/recovery/ro.build.fingerprint.1
|
|
chmod 0440 /data/misc/recovery/ro.build.fingerprint.1
|
|
chown system log /data/misc/recovery/ro.build.fingerprint.1
|
|
write /data/misc/recovery/ro.build.fingerprint ${ro.build.fingerprint}
|
|
chmod 0440 /data/misc/recovery/ro.build.fingerprint
|
|
chown system log /data/misc/recovery/ro.build.fingerprint
|
|
mkdir /data/misc/recovery/proc 0770 system log
|
|
copy /data/misc/recovery/proc/version /data/misc/recovery/proc/version.1
|
|
chmod 0440 /data/misc/recovery/proc/version.1
|
|
chown system log /data/misc/recovery/proc/version.1
|
|
copy /proc/version /data/misc/recovery/proc/version
|
|
chmod 0440 /data/misc/recovery/proc/version
|
|
chown system log /data/misc/recovery/proc/version
|
|
mkdir /data/misc/bluedroid 02770 bluetooth bluetooth
|
|
# Fix the access permissions and group ownership for 'bt_config.conf'
|
|
chmod 0660 /data/misc/bluedroid/bt_config.conf
|
|
chown bluetooth bluetooth /data/misc/bluedroid/bt_config.conf
|
|
mkdir /data/misc/bluetooth 0770 bluetooth bluetooth
|
|
mkdir /data/misc/bluetooth/logs 0770 bluetooth bluetooth
|
|
mkdir /data/misc/keystore 0700 keystore keystore
|
|
mkdir /data/misc/gatekeeper 0700 system system
|
|
mkdir /data/misc/keychain 0771 system system
|
|
mkdir /data/misc/net 0750 root shell
|
|
mkdir /data/misc/radio 0770 system radio
|
|
mkdir /data/misc/sms 0770 system radio
|
|
mkdir /data/misc/carrierid 0770 system radio
|
|
mkdir /data/misc/apns 0770 system radio
|
|
mkdir /data/misc/zoneinfo 0775 system system
|
|
mkdir /data/misc/network_watchlist 0774 system system
|
|
mkdir /data/misc/textclassifier 0771 system system
|
|
mkdir /data/misc/vpn 0770 system vpn
|
|
mkdir /data/misc/shared_relro 0771 shared_relro shared_relro
|
|
mkdir /data/misc/systemkeys 0700 system system
|
|
mkdir /data/misc/wifi 0770 wifi wifi
|
|
mkdir /data/misc/wifi/sockets 0770 wifi wifi
|
|
mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi
|
|
mkdir /data/misc/ethernet 0770 system system
|
|
mkdir /data/misc/dhcp 0770 dhcp dhcp
|
|
mkdir /data/misc/user 0771 root root
|
|
mkdir /data/misc/perfprofd 0775 root root
|
|
# give system access to wpa_supplicant.conf for backup and restore
|
|
chmod 0660 /data/misc/wifi/wpa_supplicant.conf
|
|
mkdir /data/local 0751 root root
|
|
mkdir /data/misc/media 0700 media media
|
|
mkdir /data/misc/audioserver 0700 audioserver audioserver
|
|
mkdir /data/misc/cameraserver 0700 cameraserver cameraserver
|
|
mkdir /data/misc/vold 0700 root root
|
|
mkdir /data/misc/boottrace 0771 system shell
|
|
mkdir /data/misc/update_engine 0700 root root
|
|
mkdir /data/misc/update_engine_log 02750 root log
|
|
mkdir /data/misc/trace 0700 root root
|
|
# create location to store surface and window trace files
|
|
mkdir /data/misc/wmtrace 0700 system system
|
|
# profile file layout
|
|
mkdir /data/misc/profiles 0771 system system
|
|
mkdir /data/misc/profiles/cur 0771 system system
|
|
mkdir /data/misc/profiles/ref 0771 system system
|
|
mkdir /data/misc/profman 0770 system shell
|
|
mkdir /data/misc/gcov 0770 root root
|
|
|
|
mkdir /data/preloads 0775 system system
|
|
|
|
mkdir /data/vendor 0771 root root
|
|
mkdir /data/vendor_ce 0771 root root
|
|
mkdir /data/vendor_de 0771 root root
|
|
mkdir /data/vendor/hardware 0771 root root
|
|
|
|
# For security reasons, /data/local/tmp should always be empty.
|
|
# Do not place files or directories in /data/local/tmp
|
|
mkdir /data/local/tmp 0771 shell shell
|
|
mkdir /data/local/traces 0777 shell shell
|
|
mkdir /data/data 0771 system system
|
|
mkdir /data/app-private 0771 system system
|
|
mkdir /data/app-ephemeral 0771 system system
|
|
mkdir /data/app-asec 0700 root root
|
|
mkdir /data/app-lib 0771 system system
|
|
mkdir /data/app 0771 system system
|
|
mkdir /data/property 0700 root root
|
|
mkdir /data/tombstones 0771 system system
|
|
mkdir /data/vendor/tombstones 0771 root root
|
|
mkdir /data/vendor/tombstones/wifi 0771 wifi wifi
|
|
|
|
# create dalvik-cache, so as to enforce our permissions
|
|
mkdir /data/dalvik-cache 0771 root root
|
|
# create the A/B OTA directory, so as to enforce our permissions
|
|
mkdir /data/ota 0771 root root
|
|
|
|
# create the OTA package directory. It will be accessed by GmsCore (cache
|
|
# group), update_engine and update_verifier.
|
|
mkdir /data/ota_package 0770 system cache
|
|
|
|
# create resource-cache and double-check the perms
|
|
mkdir /data/resource-cache 0771 system system
|
|
chown system system /data/resource-cache
|
|
chmod 0771 /data/resource-cache
|
|
|
|
# create the lost+found directories, so as to enforce our permissions
|
|
mkdir /data/lost+found 0770 root root
|
|
|
|
# create directory for DRM plug-ins - give drm the read/write access to
|
|
# the following directory.
|
|
mkdir /data/drm 0770 drm drm
|
|
|
|
# create directory for MediaDrm plug-ins - give drm the read/write access to
|
|
# the following directory.
|
|
mkdir /data/mediadrm 0770 mediadrm mediadrm
|
|
|
|
mkdir /data/anr 0775 system system
|
|
|
|
# NFC: create data/nfc for nv storage
|
|
mkdir /data/nfc 0770 nfc nfc
|
|
mkdir /data/nfc/param 0770 nfc nfc
|
|
|
|
# Create all remaining /data root dirs so that they are made through init
|
|
# and get proper encryption policy installed
|
|
mkdir /data/backup 0700 system system
|
|
mkdir /data/ss 0700 system system
|
|
|
|
mkdir /data/system 0775 system system
|
|
mkdir /data/system/dropbox 0700 system system
|
|
mkdir /data/system/heapdump 0700 system system
|
|
mkdir /data/system/users 0775 system system
|
|
|
|
mkdir /data/system_de 0770 system system
|
|
mkdir /data/system_ce 0770 system system
|
|
|
|
mkdir /data/misc_de 01771 system misc
|
|
mkdir /data/misc_ce 01771 system misc
|
|
|
|
mkdir /data/user 0711 system system
|
|
mkdir /data/user_de 0711 system system
|
|
symlink /data/data /data/user/0
|
|
|
|
mkdir /data/media 0770 media_rw media_rw
|
|
|
|
mkdir /data/cache 0770 system cache
|
|
mkdir /data/cache/recovery 0770 system cache
|
|
mkdir /data/cache/backup_stage 0700 system system
|
|
mkdir /data/cache/backup 0700 system system
|
|
|
|
# Wait for apexd to finish activating APEXes before starting more processes.
|
|
wait_for_prop apexd.status activated
|
|
perform_apex_config
|
|
|
|
# Allow apexd to snapshot and restore device encrypted apex data in the case
|
|
# of a rollback. This should be done immediately after DE_user data keys
|
|
# are loaded. APEXes should not access this data until this has been
|
|
# completed and apexd.status becomes "ready".
|
|
exec_start apexd-snapshotde
|
|
|
|
init_user0
|
|
|
|
# Set SELinux security contexts on upgrade or policy update.
|
|
restorecon --recursive --skip-ce /data
|
|
|
|
# Check any timezone data in /data is newer than the copy in the runtime module, delete if not.
|
|
exec - system system -- /system/bin/tzdatacheck /apex/com.android.runtime/etc/tz /data/misc/zoneinfo
|
|
|
|
# If there is no post-fs-data action in the init.<device>.rc file, you
|
|
# must uncomment this line, otherwise encrypted filesystems
|
|
# won't work.
|
|
# Set indication (checked by vold) that we have finished this action
|
|
setprop vold.post_fs_data_done 1
|
|
|
|
# sys.memfd_use set to false by default, which keeps it disabled
|
|
# until it is confirmed that apps and vendor processes don't make
|
|
# IOCTLs on ashmem fds any more.
|
|
setprop sys.use_memfd false
|
|
|
|
# Set fscklog permission
|
|
chown root system /dev/fscklogs/log
|
|
chmod 0770 /dev/fscklogs/log
|
|
|
|
####################################
|
|
# post-fs-data for mtk modification
|
|
|
|
#MDDB
|
|
mkdir /data/vendor_de/meta 0770 root root
|
|
mkdir /data/vendor_de/meta/mddb 0770 root root
|
|
|
|
#FACTORY
|
|
mkdir /data/vendor_de/factory 0770 root root
|
|
|
|
#set mdlog and connsyslog permission
|
|
mkdir /data/mdlog 0770 system system
|
|
mkdir /data/connsyslog 0770 system system
|