Allow other processes to run snapshotctl through init.
Running snapshotctl involves talking to gsid, which requires the UID to
be 0. To allow other processes to run snapshotctl without running as the
root user, this change adds system properties "sys.snapshotctl.map" and
"sys.snapshotctl.unmap" that proxy snapshotctl calls.
Bug: 311377497
Test: adb shell setprop sys.snapshotctl.map requested
Test: adb shell setprop sys.snapshotctl.unmap requested
Change-Id: Ia29dde30021a94511b8e699c2c8f3816b851bf5c
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 1e0fa9a..bf34a9e 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1361,3 +1361,16 @@
write /sys/kernel/mm/lru_gen/enabled 5
on property:persist.device_config.mglru_native.lru_gen_config=all
write /sys/kernel/mm/lru_gen/enabled 7
+
+# Allow other processes to run `snapshotctl` through `init`. This requires
+# `set_prop` permission on `snapshotctl_prop`.
+on property:sys.snapshotctl.map=requested
+ # "root" is needed to talk to gsid and pass its check on uid.
+ # "system" is needed to write to "/dev/socket/snapuserd" to talk to
+ # snapuserd.
+ exec - root root system -- /system/bin/snapshotctl map
+ setprop sys.snapshotctl.map "finished"
+
+on property:sys.snapshotctl.unmap=requested
+ exec - root root system -- /system/bin/snapshotctl unmap
+ setprop sys.snapshotctl.unmap "finished"