Add new 'update_engine_log' GID
Add a new GID for controlling access to the update
engine logs.
This is an enabler for a new permission to grant
access update engine logs only:
android.permission.READ_UPDATE_ENGINE_LOGS
Note: holders of android.permission.READ_LOGS will
still have access to update engine logs.
Bug: 397893018
Test: Flash software, check permissions of directory
Flash software without this patch. Flash software with this
CL on top. Confirm permission. Confirm log files included in
bugreport.
Change-Id: I9632cf1b894a6deafd33a769f736b0736e8ca82e
diff --git a/libcutils/include/private/android_filesystem_config.h b/libcutils/include/private/android_filesystem_config.h
index 2aaafbe..b6aded0 100644
--- a/libcutils/include/private/android_filesystem_config.h
+++ b/libcutils/include/private/android_filesystem_config.h
@@ -144,6 +144,7 @@
#define AID_UPROBESTATS 1093 /* uid for uprobestats */
#define AID_CROS_EC 1094 /* uid for accessing ChromeOS EC (cros_ec) */
#define AID_MMD 1095 /* uid for memory management daemon */
+#define AID_UPDATE_ENGINE_LOG 1096 /* GID for accessing update_engine logs */
// Additions to this file must be made in AOSP, *not* in internal branches.
// You will also need to update expect_ids() in bionic/tests/grp_pwd_test.cpp.
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 1545d09..404029b 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -790,7 +790,8 @@
mkdir /data/misc/vold 0700 root root
mkdir /data/misc/boottrace 0771 system shell
mkdir /data/misc/update_engine 0700 root root
- mkdir /data/misc/update_engine_log 02750 root log
+ mkdir /data/misc/update_engine_log 02750 root update_engine_log
+ chown root update_engine_log /data/misc/update_engine_log
mkdir /data/misc/trace 0700 root root
# create location to store surface and window trace files
mkdir /data/misc/wmtrace 0700 system system