Make init handle reboots
Move the responsibility for rebooting the system from the
reboot command to init. Init is in a better position to take
actions to bring the system down cleanly, including making sure
filesystems are mounted read-only.
The only UIDs which can perform an init triggered reboot are
root, system, and shell.
Modify the reboot command so that it calls into init to perform
the reboot. The reboot command no longer requires CAP_SYS_BOOT.
Remove the -n reboot option and code which supports it. Anyone needing
to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'.
Modify adb so that it calls into init to perform a shutdown.
Bug: 8646621
Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
diff --git a/adb.c b/adb.c
index 9d2b86e..6580c6e 100644
--- a/adb.c
+++ b/adb.c
@@ -1199,9 +1199,8 @@
#endif
int i;
for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
- if (i == CAP_SETUID || i == CAP_SETGID || i == CAP_SYS_BOOT) {
+ if (i == CAP_SETUID || i == CAP_SETGID) {
// CAP_SETUID CAP_SETGID needed by /system/bin/run-as
- // CAP_SYS_BOOT needed by /system/bin/reboot
continue;
}
int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
@@ -1302,13 +1301,6 @@
/* don't listen on a port (default 5037) if running in secure mode */
/* don't run as root if we are running in secure mode */
if (should_drop_privileges()) {
- struct __user_cap_header_struct header;
- struct __user_cap_data_struct cap[2];
-
- if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0) {
- exit(1);
- }
-
drop_capabilities_bounding_set_if_needed();
/* add extra groups:
@@ -1338,16 +1330,6 @@
exit(1);
}
- memset(&header, 0, sizeof(header));
- memset(cap, 0, sizeof(cap));
-
- /* set CAP_SYS_BOOT capability, so "adb reboot" will succeed */
- header.version = _LINUX_CAPABILITY_VERSION_3;
- header.pid = 0;
- cap[CAP_TO_INDEX(CAP_SYS_BOOT)].effective |= CAP_TO_MASK(CAP_SYS_BOOT);
- cap[CAP_TO_INDEX(CAP_SYS_BOOT)].permitted |= CAP_TO_MASK(CAP_SYS_BOOT);
- capset(&header, cap);
-
D("Local port disabled\n");
} else {
char local_name[30];