init.rc revision 25dd43a9a5073f0e59102750cb0410b8e9bc9847
1import /init.${ro.hardware}.rc 2 3on early-init 4 # Set init and its forked children's oom_adj. 5 write /proc/1/oom_adj -16 6 7 start ueventd 8 9# create mountpoints 10 mkdir /mnt 0775 root system 11 12on init 13 14sysclktz 0 15 16loglevel 3 17 18# setup the global environment 19 export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin 20 export LD_LIBRARY_PATH /vendor/lib:/system/lib 21 export ANDROID_BOOTLOGO 1 22 export ANDROID_ROOT /system 23 export ANDROID_ASSETS /system/app 24 export ANDROID_DATA /data 25 export ASEC_MOUNTPOINT /mnt/asec 26 export LOOP_MOUNTPOINT /mnt/obb 27 export BOOTCLASSPATH /system/framework/core.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/apache-xml.jar:/system/framework/filterfw.jar 28 29# Backward compatibility 30 symlink /system/etc /etc 31 symlink /sys/kernel/debug /d 32 33# Right now vendor lives on the same filesystem as system, 34# but someday that may change. 35 symlink /system/vendor /vendor 36 37# Create cgroup mount point for cpu accounting 38 mkdir /acct 39 mount cgroup none /acct cpuacct 40 mkdir /acct/uid 41 42 mkdir /system 43 mkdir /data 0771 system system 44 mkdir /cache 0770 system cache 45 mkdir /config 0500 root root 46 47 # Directory for putting things only root should see. 48 mkdir /mnt/secure 0700 root root 49 50 # Directory for staging bindmounts 51 mkdir /mnt/secure/staging 0700 root root 52 53 # Directory-target for where the secure container 54 # imagefile directory will be bind-mounted 55 mkdir /mnt/secure/asec 0700 root root 56 57 # Secure container public mount points. 58 mkdir /mnt/asec 0700 root system 59 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000 60 61 # Filesystem image public mount points. 62 mkdir /mnt/obb 0700 root system 63 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000 64 65 write /proc/sys/kernel/panic_on_oops 1 66 write /proc/sys/kernel/hung_task_timeout_secs 0 67 write /proc/cpu/alignment 4 68 write /proc/sys/kernel/sched_latency_ns 10000000 69 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 70 write /proc/sys/kernel/sched_compat_yield 1 71 write /proc/sys/kernel/sched_child_runs_first 0 72 write /proc/sys/kernel/randomize_va_space 2 73 74# Create cgroup mount points for process groups 75 mkdir /dev/cpuctl 76 mount cgroup none /dev/cpuctl cpu 77 chown system system /dev/cpuctl 78 chown system system /dev/cpuctl/tasks 79 chmod 0777 /dev/cpuctl/tasks 80 write /dev/cpuctl/cpu.shares 1024 81 82 mkdir /dev/cpuctl/fg_boost 83 chown system system /dev/cpuctl/fg_boost/tasks 84 chmod 0777 /dev/cpuctl/fg_boost/tasks 85 write /dev/cpuctl/fg_boost/cpu.shares 1024 86 87 mkdir /dev/cpuctl/bg_non_interactive 88 chown system system /dev/cpuctl/bg_non_interactive/tasks 89 chmod 0777 /dev/cpuctl/bg_non_interactive/tasks 90 # 5.0 % 91 write /dev/cpuctl/bg_non_interactive/cpu.shares 52 92 93# Allow everybody to read the xt_qtaguid resource tracking misc dev. 94# This is needed by any process that uses socket tagging. 95 chmod 0644 /dev/xt_qtaguid 96 97on fs 98# mount mtd partitions 99 # Mount /system rw first to give the filesystem a chance to save a checkpoint 100 mount yaffs2 mtd@system /system 101 mount yaffs2 mtd@system /system ro remount 102 mount yaffs2 mtd@userdata /data nosuid nodev 103 mount yaffs2 mtd@cache /cache nosuid nodev 104 105on post-fs 106 # once everything is setup, no need to modify / 107 mount rootfs rootfs / ro remount 108 109 # We chown/chmod /cache again so because mount is run as root + defaults 110 chown system cache /cache 111 chmod 0770 /cache 112 113 # This may have been created by the recovery system with odd permissions 114 chown system cache /cache/recovery 115 chmod 0770 /cache/recovery 116 117 #change permissions on vmallocinfo so we can grab it from bugreports 118 chown root log /proc/vmallocinfo 119 chmod 0440 /proc/vmallocinfo 120 121 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks 122 chown root system /proc/kmsg 123 chmod 0440 /proc/kmsg 124 chown root system /proc/sysrq-trigger 125 chmod 0220 /proc/sysrq-trigger 126 127 # create the lost+found directories, so as to enforce our permissions 128 mkdir /cache/lost+found 0770 root root 129 130on post-fs-data 131 # We chown/chmod /data again so because mount is run as root + defaults 132 chown system system /data 133 chmod 0771 /data 134 135 # Create dump dir and collect dumps. 136 # Do this before we mount cache so eventually we can use cache for 137 # storing dumps on platforms which do not have a dedicated dump partition. 138 mkdir /data/dontpanic 0750 root log 139 140 # Collect apanic data, free resources and re-arm trigger 141 copy /proc/apanic_console /data/dontpanic/apanic_console 142 chown root log /data/dontpanic/apanic_console 143 chmod 0640 /data/dontpanic/apanic_console 144 145 copy /proc/apanic_threads /data/dontpanic/apanic_threads 146 chown root log /data/dontpanic/apanic_threads 147 chmod 0640 /data/dontpanic/apanic_threads 148 149 write /proc/apanic_console 1 150 151 # create basic filesystem structure 152 mkdir /data/misc 01771 system misc 153 mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth 154 mkdir /data/misc/bluetooth 0770 system system 155 mkdir /data/misc/keystore 0700 keystore keystore 156 mkdir /data/misc/keychain 0771 system system 157 mkdir /data/misc/vpn 0770 system vpn 158 mkdir /data/misc/systemkeys 0700 system system 159 # give system access to wpa_supplicant.conf for backup and restore 160 mkdir /data/misc/wifi 0770 wifi wifi 161 chmod 0660 /data/misc/wifi/wpa_supplicant.conf 162 mkdir /data/local 0751 root root 163 mkdir /data/local/tmp 0771 shell shell 164 mkdir /data/data 0771 system system 165 mkdir /data/app-private 0771 system system 166 mkdir /data/app 0771 system system 167 mkdir /data/property 0700 root root 168 169 # create dalvik-cache, so as to enforce our permissions 170 mkdir /data/dalvik-cache 0771 system system 171 172 # create resource-cache and double-check the perms 173 mkdir /data/resource-cache 0771 system system 174 chown system system /data/resource-cache 175 chmod 0771 /data/resource-cache 176 177 # create the lost+found directories, so as to enforce our permissions 178 mkdir /data/lost+found 0770 root root 179 180 # create directory for DRM plug-ins - give drm the read/write access to 181 # the following directory. 182 mkdir /data/drm 0770 drm drm 183 184 # If there is no fs-post-data action in the init.<device>.rc file, you 185 # must uncomment this line, otherwise encrypted filesystems 186 # won't work. 187 # Set indication (checked by vold) that we have finished this action 188 #setprop vold.post_fs_data_done 1 189 190 chown system system /sys/class/android_usb/android0/f_mass_storage/lun/file 191 chmod 0660 /sys/class/android_usb/android0/f_mass_storage/lun/file 192 chown system system /sys/class/android_usb/android0/f_rndis/ethaddr 193 chmod 0660 /sys/class/android_usb/android0/f_rndis/ethaddr 194 195on boot 196# basic network init 197 ifup lo 198 hostname localhost 199 domainname localdomain 200 201# set RLIMIT_NICE to allow priorities from 19 to -20 202 setrlimit 13 40 40 203 204# Memory management. Basic kernel parameters, and allow the high 205# level system server to be able to adjust the kernel OOM driver 206# paramters to match how it is managing things. 207 write /proc/sys/vm/overcommit_memory 1 208 write /proc/sys/vm/min_free_order_shift 4 209 chown root system /sys/module/lowmemorykiller/parameters/adj 210 chmod 0664 /sys/module/lowmemorykiller/parameters/adj 211 chown root system /sys/module/lowmemorykiller/parameters/minfree 212 chmod 0664 /sys/module/lowmemorykiller/parameters/minfree 213 214 # Tweak background writeout 215 write /proc/sys/vm/dirty_expire_centisecs 200 216 write /proc/sys/vm/dirty_background_ratio 5 217 218 # Permissions for System Server and daemons. 219 chown radio system /sys/android_power/state 220 chown radio system /sys/android_power/request_state 221 chown radio system /sys/android_power/acquire_full_wake_lock 222 chown radio system /sys/android_power/acquire_partial_wake_lock 223 chown radio system /sys/android_power/release_wake_lock 224 chown radio system /sys/power/state 225 chown radio system /sys/power/wake_lock 226 chown radio system /sys/power/wake_unlock 227 chmod 0660 /sys/power/state 228 chmod 0660 /sys/power/wake_lock 229 chmod 0660 /sys/power/wake_unlock 230 chown system system /sys/class/timed_output/vibrator/enable 231 chown system system /sys/class/leds/keyboard-backlight/brightness 232 chown system system /sys/class/leds/lcd-backlight/brightness 233 chown system system /sys/class/leds/button-backlight/brightness 234 chown system system /sys/class/leds/jogball-backlight/brightness 235 chown system system /sys/class/leds/red/brightness 236 chown system system /sys/class/leds/green/brightness 237 chown system system /sys/class/leds/blue/brightness 238 chown system system /sys/class/leds/red/device/grpfreq 239 chown system system /sys/class/leds/red/device/grppwm 240 chown system system /sys/class/leds/red/device/blink 241 chown system system /sys/class/leds/red/brightness 242 chown system system /sys/class/leds/green/brightness 243 chown system system /sys/class/leds/blue/brightness 244 chown system system /sys/class/leds/red/device/grpfreq 245 chown system system /sys/class/leds/red/device/grppwm 246 chown system system /sys/class/leds/red/device/blink 247 chown system system /sys/class/timed_output/vibrator/enable 248 chown system system /sys/module/sco/parameters/disable_esco 249 chown system system /sys/kernel/ipv4/tcp_wmem_min 250 chown system system /sys/kernel/ipv4/tcp_wmem_def 251 chown system system /sys/kernel/ipv4/tcp_wmem_max 252 chown system system /sys/kernel/ipv4/tcp_rmem_min 253 chown system system /sys/kernel/ipv4/tcp_rmem_def 254 chown system system /sys/kernel/ipv4/tcp_rmem_max 255 chown root radio /proc/cmdline 256 257# Define TCP buffer sizes for various networks 258# ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, 259 setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 260 setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576 261 setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576 262 setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208 263 setprop net.tcp.buffersize.hspa 4094,87380,262144,4096,16384,262144 264 setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040 265 setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680 266 267# Set this property so surfaceflinger is not started by system_init 268 setprop system_init.startsurfaceflinger 0 269 270 class_start core 271 class_start main 272 273on nonencrypted 274 class_start late_start 275 276on charger 277 class_start charger 278 279on property:vold.decrypt=trigger_reset_main 280 class_reset main 281 282on property:vold.decrypt=trigger_load_persist_props 283 load_persist_props 284 285on property:vold.decrypt=trigger_post_fs_data 286 trigger post-fs-data 287 288on property:vold.decrypt=trigger_restart_min_framework 289 class_start main 290 291on property:vold.decrypt=trigger_restart_framework 292 class_start main 293 class_start late_start 294 295on property:vold.decrypt=trigger_shutdown_framework 296 class_reset late_start 297 class_reset main 298 299# Used to disable USB when switching states 300on property:sys.usb.config=none 301 stop adbd 302 write /sys/class/android_usb/android0/enable 0 303 write /sys/class/android_usb/android0/bDeviceClass 0 304 setprop sys.usb.state ${sys.usb.config} 305 306# adb only USB configuration 307# This should only be used during device bringup 308# and as a fallback if the USB manager fails to set a standard configuration 309on property:sys.usb.config=adb 310 write /sys/class/android_usb/android0/enable 0 311 write /sys/class/android_usb/android0/idVendor 18d1 312 write /sys/class/android_usb/android0/idProduct D002 313 write /sys/class/android_usb/android0/functions ${sys.usb.config} 314 write /sys/class/android_usb/android0/enable 1 315 start adbd 316 setprop sys.usb.state ${sys.usb.config} 317 318# USB accessory configuration 319on property:sys.usb.config=accessory 320 write /sys/class/android_usb/android0/enable 0 321 write /sys/class/android_usb/android0/idVendor 18d1 322 write /sys/class/android_usb/android0/idProduct 2d00 323 write /sys/class/android_usb/android0/functions ${sys.usb.config} 324 write /sys/class/android_usb/android0/enable 1 325 setprop sys.usb.state ${sys.usb.config} 326 327# USB accessory configuration, with adb 328on property:sys.usb.config=accessory,adb 329 write /sys/class/android_usb/android0/enable 0 330 write /sys/class/android_usb/android0/idVendor 18d1 331 write /sys/class/android_usb/android0/idProduct 2d01 332 write /sys/class/android_usb/android0/functions ${sys.usb.config} 333 write /sys/class/android_usb/android0/enable 1 334 start adbd 335 setprop sys.usb.state ${sys.usb.config} 336 337# Used to set USB configuration at boot and to switch the configuration 338# when changing the default configuration 339on property:persist.sys.usb.config=* 340 setprop sys.usb.config ${persist.sys.usb.config} 341 342## Daemon processes to be run by init. 343## 344service ueventd /sbin/ueventd 345 class core 346 critical 347 348service console /system/bin/sh 349 class core 350 console 351 disabled 352 user shell 353 group log 354 355on property:ro.debuggable=1 356 start console 357 358# adbd is controlled via property triggers in init.<platform>.usb.rc 359service adbd /sbin/adbd 360 class core 361 disabled 362 363# adbd on at boot in emulator 364on property:ro.kernel.qemu=1 365 start adbd 366 367# This property trigger has added to imitiate the previous behavior of "adb root". 368# The adb gadget driver used to reset the USB bus when the adbd daemon exited, 369# and the host side adb relied on this behavior to force it to reconnect with the 370# new adbd instance after init relaunches it. So now we force the USB bus to reset 371# here when adbd sets the service.adb.root property to 1. We also restart adbd here 372# rather than waiting for init to notice its death and restarting it so the timing 373# of USB resetting and adb restarting more closely matches the previous behavior. 374on property:service.adb.root=1 375 write /sys/class/android_usb/android0/enable 0 376 restart adbd 377 write /sys/class/android_usb/android0/enable 1 378 379service servicemanager /system/bin/servicemanager 380 class core 381 user system 382 group system 383 critical 384 onrestart restart zygote 385 onrestart restart media 386 onrestart restart surfaceflinger 387 onrestart restart drm 388 389service vold /system/bin/vold 390 class core 391 socket vold stream 0660 root mount 392 ioprio be 2 393 394service netd /system/bin/netd 395 class main 396 socket netd stream 0660 root system 397 socket dnsproxyd stream 0660 root inet 398 399service debuggerd /system/bin/debuggerd 400 class main 401 402service ril-daemon /system/bin/rild 403 class main 404 socket rild stream 660 root radio 405 socket rild-debug stream 660 radio system 406 user root 407 group radio cache inet misc audio sdcard_rw log 408 409service surfaceflinger /system/bin/surfaceflinger 410 class main 411 user system 412 group graphics 413 onrestart restart zygote 414 415service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server 416 class main 417 socket zygote stream 660 root system 418 onrestart write /sys/android_power/request_state wake 419 onrestart write /sys/power/state on 420 onrestart restart media 421 onrestart restart netd 422 423service drm /system/bin/drmserver 424 class main 425 user drm 426 group system inet drmrpc 427 428service media /system/bin/mediaserver 429 class main 430 user media 431 group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc 432 ioprio rt 4 433 434service bootanim /system/bin/bootanimation 435 class main 436 user graphics 437 group graphics 438 disabled 439 oneshot 440 441service dbus /system/bin/dbus-daemon --system --nofork 442 class main 443 socket dbus stream 660 bluetooth bluetooth 444 user bluetooth 445 group bluetooth net_bt_admin 446 447service bluetoothd /system/bin/bluetoothd -n 448 class main 449 socket bluetooth stream 660 bluetooth bluetooth 450 socket dbus_bluetooth stream 660 bluetooth bluetooth 451 # init.rc does not yet support applying capabilities, so run as root and 452 # let bluetoothd drop uid to bluetooth with the right linux capabilities 453 group bluetooth net_bt_admin misc 454 disabled 455 456service installd /system/bin/installd 457 class main 458 socket installd stream 600 system system 459 460service flash_recovery /system/etc/install-recovery.sh 461 class main 462 oneshot 463 464service racoon /system/bin/racoon 465 class main 466 socket racoon stream 600 system system 467 # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port. 468 group vpn net_admin inet 469 disabled 470 oneshot 471 472service mtpd /system/bin/mtpd 473 class main 474 socket mtpd stream 600 system system 475 user vpn 476 group vpn net_admin inet net_raw 477 disabled 478 oneshot 479 480service keystore /system/bin/keystore /data/misc/keystore 481 class main 482 user keystore 483 group keystore 484 socket keystore stream 666 485 486service dumpstate /system/bin/dumpstate -s 487 class main 488 socket dumpstate stream 0660 shell log 489 disabled 490 oneshot 491