/* * Copyright (C) 2011 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.pm; import static android.os.ParcelFileDescriptor.MODE_CREATE; import static android.os.ParcelFileDescriptor.MODE_READ_WRITE; import com.android.internal.util.ArrayUtils; import com.android.internal.util.FastXmlSerializer; import android.app.ActivityManager; import android.app.ActivityManagerNative; import android.app.IStopUserCallback; import android.content.Context; import android.content.Intent; import android.content.pm.PackageManager; import android.content.pm.UserInfo; import android.os.Binder; import android.os.Environment; import android.os.FileUtils; import android.os.IUserManager; import android.os.ParcelFileDescriptor; import android.os.Process; import android.os.RemoteException; import android.os.UserHandle; import android.util.AtomicFile; import android.util.Slog; import android.util.SparseArray; import android.util.Xml; import java.io.BufferedOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.util.ArrayList; import java.util.List; import org.xmlpull.v1.XmlPullParser; import org.xmlpull.v1.XmlPullParserException; import org.xmlpull.v1.XmlSerializer; public class UserManagerService extends IUserManager.Stub { private static final String LOG_TAG = "UserManagerService"; private static final String TAG_NAME = "name"; private static final String ATTR_FLAGS = "flags"; private static final String ATTR_ICON_PATH = "icon"; private static final String ATTR_ID = "id"; private static final String ATTR_SERIAL_NO = "serialNumber"; private static final String ATTR_NEXT_SERIAL_NO = "nextSerialNumber"; private static final String TAG_USERS = "users"; private static final String TAG_USER = "user"; private static final String USER_INFO_DIR = "system" + File.separator + "users"; private static final String USER_LIST_FILENAME = "userlist.xml"; private static final String USER_PHOTO_FILENAME = "photo.png"; private final Context mContext; private final PackageManagerService mPm; private final Object mInstallLock; private final Object mPackagesLock; private final File mUsersDir; private final File mUserListFile; private final File mBaseUserPath; private SparseArray mUsers = new SparseArray(); private final int mUserLimit; private int[] mUserIds; private boolean mGuestEnabled; private int mNextSerialNumber; private static UserManagerService sInstance; public static UserManagerService getInstance() { synchronized (UserManagerService.class) { return sInstance; } } /** * Available for testing purposes. */ UserManagerService(File dataDir, File baseUserPath) { this(null, null, new Object(), new Object(), dataDir, baseUserPath); } /** * Called by package manager to create the service. This is closely * associated with the package manager, and the given lock is the * package manager's own lock. */ UserManagerService(Context context, PackageManagerService pm, Object installLock, Object packagesLock) { this(context, pm, installLock, packagesLock, Environment.getDataDirectory(), new File(Environment.getDataDirectory(), "user")); } /** * Available for testing purposes. */ private UserManagerService(Context context, PackageManagerService pm, Object installLock, Object packagesLock, File dataDir, File baseUserPath) { synchronized (UserManagerService.class) { mContext = context; mPm = pm; mInstallLock = installLock; mPackagesLock = packagesLock; mUserLimit = mContext.getResources().getInteger( com.android.internal.R.integer.config_multiuserMaximumUsers); mUsersDir = new File(dataDir, USER_INFO_DIR); mUsersDir.mkdirs(); // Make zeroth user directory, for services to migrate their files to that location File userZeroDir = new File(mUsersDir, "0"); userZeroDir.mkdirs(); mBaseUserPath = baseUserPath; FileUtils.setPermissions(mUsersDir.toString(), FileUtils.S_IRWXU|FileUtils.S_IRWXG |FileUtils.S_IROTH|FileUtils.S_IXOTH, -1, -1); mUserListFile = new File(mUsersDir, USER_LIST_FILENAME); readUserList(); sInstance = this; } } @Override public List getUsers() { checkManageUsersPermission("query users"); synchronized (mPackagesLock) { ArrayList users = new ArrayList(mUsers.size()); for (int i = 0; i < mUsers.size(); i++) { users.add(mUsers.valueAt(i)); } return users; } } @Override public UserInfo getUserInfo(int userId) { checkManageUsersPermission("query user"); synchronized (mPackagesLock) { return getUserInfoLocked(userId); } } /* * Should be locked on mUsers before calling this. */ private UserInfo getUserInfoLocked(int userId) { return mUsers.get(userId); } public boolean exists(int userId) { synchronized (mPackagesLock) { return ArrayUtils.contains(mUserIds, userId); } } @Override public void setUserName(int userId, String name) { checkManageUsersPermission("rename users"); synchronized (mPackagesLock) { UserInfo info = mUsers.get(userId); if (name != null && !name.equals(info.name)) { info.name = name; writeUserLocked(info); } } } @Override public ParcelFileDescriptor setUserIcon(int userId) { checkManageUsersPermission("update users"); synchronized (mPackagesLock) { UserInfo info = mUsers.get(userId); if (info == null) return null; ParcelFileDescriptor fd = openIconBitmapLocked(info, true /* write */); if (fd != null) { writeUserLocked(info); } return fd; } } @Override public ParcelFileDescriptor getUserIcon(int userId) { checkManageUsersPermission("read users"); synchronized (mPackagesLock) { UserInfo info = mUsers.get(userId); if (info == null || info.iconPath == null) return null; ParcelFileDescriptor fd = openIconBitmapLocked(info, false /* read */); return fd; } } @Override public void setGuestEnabled(boolean enable) { checkManageUsersPermission("enable guest users"); synchronized (mPackagesLock) { if (mGuestEnabled != enable) { mGuestEnabled = enable; // Erase any guest user that currently exists for (int i = 0; i < mUsers.size(); i++) { UserInfo user = mUsers.valueAt(i); if (user.isGuest()) { if (!enable) { removeUser(user.id); } return; } } // No guest was found if (enable) { createUser("Guest", UserInfo.FLAG_GUEST); } } } } @Override public boolean isGuestEnabled() { synchronized (mPackagesLock) { return mGuestEnabled; } } @Override public void wipeUser(int userHandle) { checkManageUsersPermission("wipe user"); // TODO: } public void makeInitialized(int userId) { checkManageUsersPermission("makeInitialized"); synchronized (mPackagesLock) { UserInfo info = mUsers.get(userId); if (info != null && (info.flags&UserInfo.FLAG_INITIALIZED) == 0) { info.flags |= UserInfo.FLAG_INITIALIZED; writeUserLocked(info); } } } /** * Check if we've hit the limit of how many users can be created. */ private boolean isUserLimitReachedLocked() { int nUsers = mUsers.size(); return nUsers >= mUserLimit; } /** * Enforces that only the system UID or root's UID or apps that have the * {@link android.Manifest.permission.MANAGE_USERS MANAGE_USERS} * permission can make certain calls to the UserManager. * * @param message used as message if SecurityException is thrown * @throws SecurityException if the caller is not system or root */ private static final void checkManageUsersPermission(String message) { final int uid = Binder.getCallingUid(); if (uid != Process.SYSTEM_UID && uid != 0 && ActivityManager.checkComponentPermission( android.Manifest.permission.MANAGE_USERS, uid, -1, true) != PackageManager.PERMISSION_GRANTED) { throw new SecurityException("You need MANAGE_USERS permission to: " + message); } } private ParcelFileDescriptor openIconBitmapLocked(UserInfo info, boolean toWrite) { try { File dir = new File(mUsersDir, Integer.toString(info.id)); File file = new File(dir, USER_PHOTO_FILENAME); if (!dir.exists()) { dir.mkdir(); FileUtils.setPermissions( dir.getPath(), FileUtils.S_IRWXU|FileUtils.S_IRWXG|FileUtils.S_IXOTH, -1, -1); } ParcelFileDescriptor fd = ParcelFileDescriptor.open(file, toWrite ? MODE_CREATE|MODE_READ_WRITE : MODE_READ_WRITE); if (toWrite) { info.iconPath = file.getAbsolutePath(); } return fd; } catch (FileNotFoundException e) { Slog.w(LOG_TAG, "Error setting photo for user ", e); } return null; } /** * Returns an array of user ids. This array is cached here for quick access, so do not modify or * cache it elsewhere. * @return the array of user ids. */ public int[] getUserIds() { synchronized (mPackagesLock) { return mUserIds; } } int[] getUserIdsLPr() { return mUserIds; } private void readUserList() { synchronized (mPackagesLock) { readUserListLocked(); } } private void readUserListLocked() { mGuestEnabled = false; if (!mUserListFile.exists()) { fallbackToSingleUserLocked(); return; } FileInputStream fis = null; AtomicFile userListFile = new AtomicFile(mUserListFile); try { fis = userListFile.openRead(); XmlPullParser parser = Xml.newPullParser(); parser.setInput(fis, null); int type; while ((type = parser.next()) != XmlPullParser.START_TAG && type != XmlPullParser.END_DOCUMENT) { ; } if (type != XmlPullParser.START_TAG) { Slog.e(LOG_TAG, "Unable to read user list"); fallbackToSingleUserLocked(); return; } mNextSerialNumber = -1; if (parser.getName().equals(TAG_USERS)) { String lastSerialNumber = parser.getAttributeValue(null, ATTR_NEXT_SERIAL_NO); if (lastSerialNumber != null) { mNextSerialNumber = Integer.parseInt(lastSerialNumber); } } while ((type = parser.next()) != XmlPullParser.END_DOCUMENT) { if (type == XmlPullParser.START_TAG && parser.getName().equals(TAG_USER)) { String id = parser.getAttributeValue(null, ATTR_ID); UserInfo user = readUser(Integer.parseInt(id)); if (user != null) { mUsers.put(user.id, user); if (user.isGuest()) { mGuestEnabled = true; } if (mNextSerialNumber < 0 || mNextSerialNumber <= user.id) { mNextSerialNumber = user.id + 1; } } } } updateUserIdsLocked(); } catch (IOException ioe) { fallbackToSingleUserLocked(); } catch (XmlPullParserException pe) { fallbackToSingleUserLocked(); } finally { if (fis != null) { try { fis.close(); } catch (IOException e) { } } } } private void fallbackToSingleUserLocked() { // Create the primary user UserInfo primary = new UserInfo(0, "Primary", null, UserInfo.FLAG_ADMIN | UserInfo.FLAG_PRIMARY); mUsers.put(0, primary); updateUserIdsLocked(); writeUserListLocked(); writeUserLocked(primary); } /* * Writes the user file in this format: * * * Primary * */ private void writeUserLocked(UserInfo userInfo) { FileOutputStream fos = null; AtomicFile userFile = new AtomicFile(new File(mUsersDir, userInfo.id + ".xml")); try { fos = userFile.startWrite(); final BufferedOutputStream bos = new BufferedOutputStream(fos); // XmlSerializer serializer = XmlUtils.serializerInstance(); final XmlSerializer serializer = new FastXmlSerializer(); serializer.setOutput(bos, "utf-8"); serializer.startDocument(null, true); serializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true); serializer.startTag(null, TAG_USER); serializer.attribute(null, ATTR_ID, Integer.toString(userInfo.id)); serializer.attribute(null, ATTR_SERIAL_NO, Integer.toString(userInfo.serialNumber)); serializer.attribute(null, ATTR_FLAGS, Integer.toString(userInfo.flags)); if (userInfo.iconPath != null) { serializer.attribute(null, ATTR_ICON_PATH, userInfo.iconPath); } serializer.startTag(null, TAG_NAME); serializer.text(userInfo.name); serializer.endTag(null, TAG_NAME); serializer.endTag(null, TAG_USER); serializer.endDocument(); userFile.finishWrite(fos); } catch (Exception ioe) { Slog.e(LOG_TAG, "Error writing user info " + userInfo.id + "\n" + ioe); userFile.failWrite(fos); } } /* * Writes the user list file in this format: * * * * * */ private void writeUserListLocked() { FileOutputStream fos = null; AtomicFile userListFile = new AtomicFile(mUserListFile); try { fos = userListFile.startWrite(); final BufferedOutputStream bos = new BufferedOutputStream(fos); // XmlSerializer serializer = XmlUtils.serializerInstance(); final XmlSerializer serializer = new FastXmlSerializer(); serializer.setOutput(bos, "utf-8"); serializer.startDocument(null, true); serializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true); serializer.startTag(null, TAG_USERS); serializer.attribute(null, ATTR_NEXT_SERIAL_NO, Integer.toString(mNextSerialNumber)); for (int i = 0; i < mUsers.size(); i++) { UserInfo user = mUsers.valueAt(i); serializer.startTag(null, TAG_USER); serializer.attribute(null, ATTR_ID, Integer.toString(user.id)); serializer.endTag(null, TAG_USER); } serializer.endTag(null, TAG_USERS); serializer.endDocument(); userListFile.finishWrite(fos); } catch (Exception e) { userListFile.failWrite(fos); Slog.e(LOG_TAG, "Error writing user list"); } } private UserInfo readUser(int id) { int flags = 0; int serialNumber = id; String name = null; String iconPath = null; FileInputStream fis = null; try { AtomicFile userFile = new AtomicFile(new File(mUsersDir, Integer.toString(id) + ".xml")); fis = userFile.openRead(); XmlPullParser parser = Xml.newPullParser(); parser.setInput(fis, null); int type; while ((type = parser.next()) != XmlPullParser.START_TAG && type != XmlPullParser.END_DOCUMENT) { ; } if (type != XmlPullParser.START_TAG) { Slog.e(LOG_TAG, "Unable to read user " + id); return null; } if (type == XmlPullParser.START_TAG && parser.getName().equals(TAG_USER)) { String storedId = parser.getAttributeValue(null, ATTR_ID); if (Integer.parseInt(storedId) != id) { Slog.e(LOG_TAG, "User id does not match the file name"); return null; } String serialNumberValue = parser.getAttributeValue(null, ATTR_SERIAL_NO); if (serialNumberValue != null) { serialNumber = Integer.parseInt(serialNumberValue); } String flagString = parser.getAttributeValue(null, ATTR_FLAGS); flags = Integer.parseInt(flagString); iconPath = parser.getAttributeValue(null, ATTR_ICON_PATH); while ((type = parser.next()) != XmlPullParser.START_TAG && type != XmlPullParser.END_DOCUMENT) { } if (type == XmlPullParser.START_TAG && parser.getName().equals(TAG_NAME)) { type = parser.next(); if (type == XmlPullParser.TEXT) { name = parser.getText(); } } } UserInfo userInfo = new UserInfo(id, name, iconPath, flags); userInfo.serialNumber = serialNumber; return userInfo; } catch (IOException ioe) { } catch (XmlPullParserException pe) { } finally { if (fis != null) { try { fis.close(); } catch (IOException e) { } } } return null; } @Override public UserInfo createUser(String name, int flags) { checkManageUsersPermission("Only the system can create users"); final long ident = Binder.clearCallingIdentity(); final UserInfo userInfo; try { synchronized (mInstallLock) { synchronized (mPackagesLock) { if (isUserLimitReachedLocked()) return null; int userId = getNextAvailableIdLocked(); userInfo = new UserInfo(userId, name, null, flags); File userPath = new File(mBaseUserPath, Integer.toString(userId)); userInfo.serialNumber = mNextSerialNumber++; mUsers.put(userId, userInfo); writeUserListLocked(); writeUserLocked(userInfo); updateUserIdsLocked(); mPm.createNewUserLILPw(userId, userPath); } } if (userInfo != null) { Intent addedIntent = new Intent(Intent.ACTION_USER_ADDED); addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userInfo.id); mContext.sendBroadcastAsUser(addedIntent, UserHandle.ALL, android.Manifest.permission.MANAGE_USERS); } } finally { Binder.restoreCallingIdentity(ident); } return userInfo; } /** * Removes a user and all data directories created for that user. This method should be called * after the user's processes have been terminated. * @param id the user's id */ public boolean removeUser(int userHandle) { checkManageUsersPermission("Only the system can remove users"); final UserInfo user; synchronized (mPackagesLock) { user = mUsers.get(userHandle); if (userHandle == 0 || user == null) { return false; } } int res; try { res = ActivityManagerNative.getDefault().stopUser(userHandle, new IStopUserCallback.Stub() { @Override public void userStopped(int userId) { finishRemoveUser(userId); } @Override public void userStopAborted(int userId) { } }); } catch (RemoteException e) { return false; } return res == ActivityManager.USER_OP_SUCCESS; } void finishRemoveUser(int userHandle) { synchronized (mInstallLock) { synchronized (mPackagesLock) { // Cleanup package manager settings mPm.cleanUpUserLILPw(userHandle); // Remove this user from the list mUsers.remove(userHandle); // Remove user file AtomicFile userFile = new AtomicFile(new File(mUsersDir, userHandle + ".xml")); userFile.delete(); // Update the user list writeUserListLocked(); updateUserIdsLocked(); removeDirectoryRecursive(Environment.getUserSystemDirectory(userHandle)); } } // Let other services shutdown any activity long ident = Binder.clearCallingIdentity(); try { Intent addedIntent = new Intent(Intent.ACTION_USER_REMOVED); addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userHandle); mContext.sendBroadcastAsUser(addedIntent, UserHandle.ALL, android.Manifest.permission.MANAGE_USERS); } finally { Binder.restoreCallingIdentity(ident); } } private void removeDirectoryRecursive(File parent) { if (parent.isDirectory()) { String[] files = parent.list(); for (String filename : files) { File child = new File(parent, filename); removeDirectoryRecursive(child); } } parent.delete(); } @Override public int getUserSerialNumber(int userHandle) { synchronized (mPackagesLock) { if (!exists(userHandle)) return -1; return getUserInfoLocked(userHandle).serialNumber; } } @Override public int getUserHandle(int userSerialNumber) { synchronized (mPackagesLock) { for (int userId : mUserIds) { if (getUserInfoLocked(userId).serialNumber == userSerialNumber) return userId; } // Not found return -1; } } /** * Caches the list of user ids in an array, adjusting the array size when necessary. */ private void updateUserIdsLocked() { int[] newUsers = new int[mUsers.size()]; for (int i = 0; i < mUsers.size(); i++) { newUsers[i] = mUsers.keyAt(i); } mUserIds = newUsers; } /** * Returns the next available user id, filling in any holes in the ids. * TODO: May not be a good idea to recycle ids, in case it results in confusion * for data and battery stats collection, or unexpected cross-talk. * @return */ private int getNextAvailableIdLocked() { synchronized (mPackagesLock) { int i = 10; while (i < Integer.MAX_VALUE) { if (mUsers.indexOfKey(i) < 0) { break; } i++; } return i; } } }