pax-pwn/firmware/tree/startup/init.rc


# Stage "fs": sets the global environment, builds the volatile /tmp and /var
# tree, loads the base image and mounts the data partition.
on fs
sysclktz 0
loglevel 3
# setup the global environment
# NOTE(review): PATH ends with /opt/bin, and the early-boot stage symlinks /opt
# to /data/opt, so part of the search path resolves onto the data partition.
# Confirm who can write there.
export PATH /bin:/sbin:/usr/sbin:/usr/bin:/base/bin:/base/sbin:/opt/bin
export GCONV_PATH /lib/gconv
export DISPLAY :0.0
# /bin and /sbin are symlinks into /startup, so anything later removed from
# /startup/bin or /startup/sbin also disappears from /bin and /sbin.
symlink /startup/bin /bin
symlink /startup/sbin /sbin
# Volatile scratch space. The mount passes no options (compare /mnt in the
# boot stage, which uses noexec and nosuid).
# NOTE(review): confirm whether /tmp needs to allow exec and suid files.
mkdir /tmp
mount tmpfs tmpfs /tmp
mkdir /tmp/run
mkdir /tmp/lock
# 1777 = world-writable with the sticky bit set.
chmod 1777 /tmp/lock
# /var/tmp, /var/run and /var/lock all point into the tmpfs above, so their
# contents do not survive a reboot.
mkdir /var
symlink /tmp /var/tmp
symlink /tmp/run /var/run
symlink /tmp/lock /var/lock
# loadimg is not a stock init command; presumably it loads or mounts the image
# from the MTD partition named "base" at /base — TODO confirm, including
# whether the image is verified before use.
mkdir /base
loadimg mtd@base /base
mkdir /data
# Keep a world-readable (0444) snapshot of the MTD partition table; the boot
# stage unmounts /proc at debug level 0, after which /proc/mtd is unavailable.
copy /proc/mtd /startup/mtd
chmod 0444 /startup/mtd
# Vendor command, not defined in this file; presumably checks and mounts /data.
check_and_mount_data
# Stage "early-boot": shared memory, ownership/mode/file capabilities for the
# system daemons, data directories, remaining symlinks and kernel tunables.
on early-boot
# create POSIX shared memory folder
# NOTE(review): the chmod runs before the tmpfs mount, so 0777 is applied to the
# mount-point directory rather than to the mounted tmpfs, and the mount passes
# no mode, nosuid or noexec option. Confirm the mode /dev/shm ends up with.
mkdir /dev/shm
chmod 0777 /dev/shm
mount tmpfs tmpfs /dev/shm
# restrict file permission under /usr/bin
# 750 = owner rwx, group r-x, nothing for others. Entries that have no chown
# keep the owner and group shipped in the image, which is not visible here.
# Where the group is set to MAINAPP, every process in that group can execute
# the binary.
chmod 750 /usr/bin/modemd
chmod 750 /usr/bin/pedd
chmod 750 /usr/bin/ipservice
chown root MAINAPP /usr/bin/crashd
chmod 750 /usr/bin/crashd
# devinfo is the one binary left world-executable (755) in this list.
chown root root /usr/bin/devinfo
chmod 755 /usr/bin/devinfo
chown root MAINAPP /usr/bin/installer
chmod 750 /usr/bin/installer
chmod 750 /usr/bin/keyman
# logcat, let it 755
chown root MAINAPP /usr/bin/runapp
chmod 750 /usr/bin/runapp
chmod 750 /usr/bin/servicemanager
chown root MAINAPP /usr/bin/tm
chmod 750 /usr/bin/tm
chown root MAINAPP /usr/bin/systemservice
chmod 750 /usr/bin/systemservice
chown root MAINAPP /usr/bin/ts_calibrate
chmod 750 /usr/bin/ts_calibrate
chown root MAINAPP /usr/bin/xcbd
chmod 750 /usr/bin/xcbd
# File capabilities. Each mask is a bit field indexed by Linux capability
# number; the "captoi" comments give the names the mask was generated from.
# NOTE(review): which capability sets (permitted/effective/inheritable) this
# vendor setcap fills is not visible here — confirm.
# ./captoi sys_ptrace
# Bit 19 = CAP_SYS_PTRACE. /bin points at /startup/bin, which the boot stage
# empties only at debug level 0; at any other level a ptrace-capable debugger
# stays on the device. Confirm that is intended for fielded units.
setcap 0x00080000 /bin/gdbserver
# ./captoi dac_override setgid setuid setfcap chown
# Bits 0, 1, 6, 7 and 31. Together with root:MAINAPP 750 above, a process in
# group MAINAPP can run a binary holding these capabilities, so the privilege
# boundary rests on installer's own validation of its input.
setcap 0x800000c3 /usr/bin/installer
# ./captoi setgid setuid
# Bits 6 and 7: lets runapp switch to another user and group.
setcap 0x000000c0 /usr/bin/runapp
# ./captoi setgid setuid
setcap 0x000000c0 /bin/xlogin
# ./captoi net_admin net_raw sys_boot sys_time sys_admin
# Bits 12, 13, 21, 22 and 25. CAP_SYS_ADMIN is very broad; tm is executable by
# group MAINAPP (see the chown/chmod above).
setcap 0x02603000 /usr/bin/tm
# ./captoi sys_admin sys_ptrace
# Bits 19 and 21.
setcap 0x00280000 /usr/bin/crashd
# ./captoi net_admin net_raw sys_boot sys_time sys_admin
# Same mask as tm; systemservice is also executable by group MAINAPP.
setcap 0x02603000 /usr/bin/systemservice
# ./captoi sys_boot sys_time
# Bits 22 and 25.
setcap 0x02400000 /usr/bin/xcbd
# Crash-dump directory, writable by user and group MAINAPP only.
# NOTE(review): presumably filled by crashd; dumps can contain process memory,
# so check what ends up here and who reads it.
mkdir /data/tombstones
chmod 770 /data/tombstones
chown MAINAPP MAINAPP /data/tombstones
# Mode 600 on a directory leaves no search (x) bit, so only a process that
# bypasses DAC checks (root) can enter it. What is stored here is not visible
# in this file.
mkdir /data/security
chmod 600 /data/security
chown root root /data/security
# /lib comes from the base image; /etc and /opt resolve onto /data.
# NOTE(review): the integrity of system configuration and of /opt/bin (which is
# on PATH) then depends on how /data is mounted and protected — not shown here.
symlink /base/lib /lib
symlink /data/etc /etc
symlink /data/opt /opt
symlink /lib/gconv /usr/lib/gconv
# 2 = full address-space layout randomisation, including the heap (brk).
write /proc/sys/kernel/randomize_va_space 2
# TCP keepalive: first probe after 30 s idle, then every 15 s, give up after 5.
write /proc/sys/net/ipv4/tcp_keepalive_time 30
write /proc/sys/net/ipv4/tcp_keepalive_intvl 15
write /proc/sys/net/ipv4/tcp_keepalive_probes 5
# NOTE(review): the meaning of ro.pukmode and of the value 2 is not visible in
# this file — confirm against the vendor documentation.
setprop ro.pukmode 2
# Stage "boot": loopback and host name, USB and removable-media mount points,
# resource limits, start of the "core" class, removal of the startup files
# according to the factory debug level, then start of the "default" class.
on boot
# basic network init
ifup lo
hostname localhost
domainname localdomain
# mount usbfs
# NOTE(review): devmode=0666 makes every USB device node readable and writable
# by all users, so any local process can talk to attached devices directly.
# Confirm this is required rather than a narrower mode plus a group.
mkdir /dev/bus/usb
mount usbfs none /dev/bus/usb devmode=0666
# USB disk mount point: a 16 KiB tmpfs owned by MAINAPP, mounted noexec and
# nosuid.
mkdir /mnt
mount tmpfs tmpfs /mnt noatime noexec nosuid size=16k
chown MAINAPP MAINAPP /mnt
# set RLIMIT_NICE to allow priorities from 19 to -20
# RLIMIT_NICE 13
# Soft and hard limit of 40 (the nice floor is 20 minus the limit, i.e. -20).
setrlimit 13 40 40
# RLIMIT_STACK 3
# 2097152 bytes = 2 MiB stack, soft and hard.
setrlimit 3 2097152 2097152
class_start core
# Cleanup keyed on the read-only property ro.fac.prolin_debug_level.
# Level 0 removes the startup binaries (and with them /bin and /sbin, which
# are symlinks to these directories), kernel modules, rc/sh/prop files and LCD
# assets, and unmounts /proc.
# Level 1 removes only the modules and the rc/sh/prop files; /startup/bin,
# /startup/sbin and /proc stay in place.
# No rule is shown for any other value, so nothing is removed in that case.
# NOTE(review): where and how this property is set is not visible here. Since
# it decides whether shells and debug tools stay on the device, confirm it
# cannot be changed on a fielded unit.
if property:ro.fac.prolin_debug_level=0 rm /startup/bin/*
if property:ro.fac.prolin_debug_level=0 rm /startup/sbin/*
if property:ro.fac.prolin_debug_level=0 umount /proc
if property:ro.fac.prolin_debug_level=0 rm /startup/modules/*
if property:ro.fac.prolin_debug_level=0 rmdir /startup/modules/
if property:ro.fac.prolin_debug_level=0 rm /startup/*.rc
if property:ro.fac.prolin_debug_level=0 rm /startup/*.sh
if property:ro.fac.prolin_debug_level=0 rm /startup/*.prop
if property:ro.fac.prolin_debug_level=0 rm /startup/firmware/lcd_*.rle
# NOTE(review): the next two paths have no leading slash, unlike the line
# above; they only match if init's working directory is / — confirm.
if property:ro.fac.prolin_debug_level=0 rm startup/firmware/lcd.watermark
if property:ro.fac.prolin_debug_level=0 rm startup/firmware/lcd_readme.txt
if property:ro.fac.prolin_debug_level=1 rm /startup/modules/*
if property:ro.fac.prolin_debug_level=1 rmdir /startup/modules/
if property:ro.fac.prolin_debug_level=1 rm /startup/*.rc
if property:ro.fac.prolin_debug_level=1 rm /startup/*.sh
if property:ro.fac.prolin_debug_level=1 rm /startup/*.prop
# Block until the service manager signals readiness through a flag file, then
# remove the flag and start the remaining services.
# NOTE(review): the flag lives in /tmp, whose permissions this file does not
# set; if /tmp is writable by unprivileged processes, any of them could create
# the flag early. Confirm /tmp's mode or move the flag to a root-only directory.
wait /tmp/.BINDER_SERVICE_MANAGER_DONE
rm /tmp/.BINDER_SERVICE_MANAGER_DONE
class_start default
## Daemon processes to be run by init.
# Device-event daemon, run from /startup/ueventd.
# NOTE(review): "critical" presumably has its usual Android-init meaning (the
# device is restarted if the service keeps dying) — confirm for this init.
service ueventd /startup/ueventd
critical
# Interactive shell on the console running as root:root. It is "disabled", so
# it is only started by an explicit "start console-root"; in this file that
# happens when persist.sys.console.enable=1 and ro.console=2.
# NOTE(review): the service runs /bin/sh directly with no login step, so those
# two properties are the only gate on a root shell. Confirm who can set them
# and whether the console is physically reachable on fielded units.
service console-root /bin/sh
console
disabled
user root
group root
# Interactive shell on the console running as MAINAPP:MAINAPP. It is
# "disabled", so it is only started by an explicit "start console-MAINAPP";
# in this file that happens when persist.sys.console.enable=1 and ro.console=1.
# NOTE(review): MAINAPP is the group allowed to execute several capability-
# bearing binaries in /usr/bin (installer, tm, systemservice, ...), so this
# shell is not a low-privilege one — treat its gate like the root console's.
service console-MAINAPP /bin/sh
console
disabled
user MAINAPP
group MAINAPP
# Console switch. When persist.sys.console.enable becomes 1, ro.console selects
# which shell service is started: 1 = MAINAPP shell, 2 = root shell. For any
# other ro.console value no console is started.
# NOTE(review): a "persist." property presumably survives reboots, so once
# enabled the console would come back on every boot — confirm, and confirm
# which components are allowed to set it.
on property:persist.sys.console.enable=1
if property:ro.console=1 start console-MAINAPP
if property:ro.console=2 start console-root
# Setting the property back to 0 stops whichever console ro.console selects.
on property:persist.sys.console.enable=0
if property:ro.console=1 stop console-MAINAPP
if property:ro.console=2 stop console-root