Multi-user external storage support.
Move FUSE daemon to secure mount point, and relax /storage access
now that sdcard_r is enforced using private bind mounts in zygote.
Bug: 6925012
Change-Id: I9bcb51ea80ee634e509c32272656f3f280849cce
diff --git a/init.manta.rc b/init.manta.rc
index 1fab6c3..da870f5 100644
--- a/init.manta.rc
+++ b/init.manta.rc
@@ -1,19 +1,21 @@
import init.manta.usb.rc
-on early-init
- export EXTERNAL_STORAGE /storage/sdcard0
- mkdir /storage 0050 system sdcard_r
- mkdir /storage/sdcard0 0000 system system
- symlink /storage/sdcard0 /sdcard
- symlink /storage/sdcard0 /mnt/sdcard
-
on init
start watchdogd
+ export EXTERNAL_STORAGE /storage/sdcard0
+ mkdir /storage 0711 root root
+ mkdir /storage/sdcard0 0000 root root
+ symlink /storage/sdcard0 /sdcard
+ symlink /storage/sdcard0 /mnt/sdcard
+
+ # Save bugreports as owner
+ export BUGREPORT_WRITE_PATH /mnt/secure/sdcard0/0
+ export BUGREPORT_READ_PATH /storage/sdcard0
+
on post-fs-data
- # we will remap this as /storage/sdcard0 with the sdcard fuse tool
mkdir /data/media 0770 media_rw media_rw
- chown media_rw media_rw /data/media
+
setprop vold.post_fs_data_done 1
mkdir /data/misc/wifi 0770 wifi wifi
mkdir /data/misc/wifi/sockets 0770 wifi wifi
@@ -59,10 +61,8 @@
mkdir /data/nfc 770 nfc nfc
mkdir /data/nfc/param 770 nfc nfc
-# create virtual SD card at /storage/sdcard0, based on the /data/media directory
-# daemon will drop to user/group system/media_rw after initializing
-# underlying files in /data/media will be created with user and group media_rw (1023)
-service sdcard /system/bin/sdcard /data/media /storage/sdcard0 1023 1023
+# virtual sdcard daemon running as media_rw (1023)
+service sdcard /system/bin/sdcard /data/media /mnt/secure/sdcard0 1023 1023
class late_start
service p2p_supplicant /system/bin/wpa_supplicant \
diff --git a/init.smdk5250.rc b/init.smdk5250.rc
index fb90eae..397d565 100644
--- a/init.smdk5250.rc
+++ b/init.smdk5250.rc
@@ -1,16 +1,21 @@
import init.smdk5250.usb.rc
-on early-init
+on init
+ mkdir /mnt/secure/sdcard0 0700 root root
+
export EXTERNAL_STORAGE /storage/sdcard0
- mkdir /storage 0050 system sdcard_r
- mkdir /storage/sdcard0 0000 system system
+ mkdir /storage 0711 root root
+ mkdir /storage/sdcard0 0000 root root
symlink /storage/sdcard0 /sdcard
symlink /storage/sdcard0 /mnt/sdcard
+ # Save bugreports as owner
+ export BUGREPORT_WRITE_PATH /mnt/secure/sdcard0/0
+ export BUGREPORT_READ_PATH /storage/sdcard0
+
on post-fs-data
- # we will remap this as /storage/sdcard with the sdcard fuse tool
mkdir /data/media 0770 media_rw media_rw
- chown media_rw media_rw /data/media
+
setprop vold.post_fs_data_done 1
on boot
@@ -45,8 +50,6 @@
group root
oneshot
-# create virtual SD card at /storage/sdcard, based on the /data/media directory
-# daemon will drop to user/group system/media_rw after initializing
-# underlying files in /data/media will be created with user and group media_rw (1023)
-service sdcard /system/bin/sdcard /data/media /storage/sdcard0 1023 1023
+# virtual sdcard daemon running as media_rw (1023)
+service sdcard /system/bin/sdcard /data/media /mnt/secure/sdcard0 1023 1023
class late_start