init.rc revision 3878ebd72493427ea5537b36dfb9cd7cb38677bb
1# Copyright (C) 2012 The Android Open Source Project 2# 3# IMPORTANT: Do not create world writable files or directories. 4# This is a common source of Android security bugs. 5# 6 7import /init.environ.rc 8import /init.usb.rc 9import /init.${ro.hardware}.rc 10import /init.${ro.zygote}.rc 11import /init.trace.rc 12 13on early-init 14 # Set init and its forked children's oom_adj. 15 write /proc/1/oom_adj -16 16 17 # Apply strict SELinux checking of PROT_EXEC on mmap/mprotect calls. 18 write /sys/fs/selinux/checkreqprot 0 19 20 # Set the security context for the init process. 21 # This should occur before anything else (e.g. ueventd) is started. 22 setcon u:r:init:s0 23 24 # Set the security context of /adb_keys if present. 25 restorecon /adb_keys 26 27 start ueventd 28 29 # create mountpoints 30 mkdir /mnt 0775 root system 31 32on init 33 sysclktz 0 34 35 loglevel 3 36 37 # Backward compatibility 38 symlink /system/etc /etc 39 symlink /sys/kernel/debug /d 40 41 # Right now vendor lives on the same filesystem as system, 42 # but someday that may change. 43 symlink /system/vendor /vendor 44 45 # Create cgroup mount point for cpu accounting 46 mkdir /acct 47 mount cgroup none /acct cpuacct 48 mkdir /acct/uid 49 50 # Create cgroup mount point for memory 51 mount tmpfs none /sys/fs/cgroup mode=0750,uid=0,gid=1000 52 mkdir /sys/fs/cgroup/memory 0750 root system 53 mount cgroup none /sys/fs/cgroup/memory memory 54 write /sys/fs/cgroup/memory/memory.move_charge_at_immigrate 1 55 chown root system /sys/fs/cgroup/memory/tasks 56 chmod 0660 /sys/fs/cgroup/memory/tasks 57 mkdir /sys/fs/cgroup/memory/sw 0750 root system 58 write /sys/fs/cgroup/memory/sw/memory.swappiness 100 59 write /sys/fs/cgroup/memory/sw/memory.move_charge_at_immigrate 1 60 chown root system /sys/fs/cgroup/memory/sw/tasks 61 chmod 0660 /sys/fs/cgroup/memory/sw/tasks 62 63 mkdir /system 64 mkdir /data 0771 system system 65 mkdir /cache 0770 system cache 66 mkdir /config 0500 root root 67 68 # See storage config details at http://source.android.com/tech/storage/ 69 mkdir /mnt/shell 0700 shell shell 70 mkdir /mnt/media_rw 0700 media_rw media_rw 71 mkdir /storage 0751 root sdcard_r 72 73 # Directory for putting things only root should see. 74 mkdir /mnt/secure 0700 root root 75 76 # Directory for staging bindmounts 77 mkdir /mnt/secure/staging 0700 root root 78 79 # Directory-target for where the secure container 80 # imagefile directory will be bind-mounted 81 mkdir /mnt/secure/asec 0700 root root 82 83 # Secure container public mount points. 84 mkdir /mnt/asec 0700 root system 85 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000 86 87 # Filesystem image public mount points. 88 mkdir /mnt/obb 0700 root system 89 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000 90 91 write /proc/sys/kernel/panic_on_oops 1 92 write /proc/sys/kernel/hung_task_timeout_secs 0 93 write /proc/cpu/alignment 4 94 write /proc/sys/kernel/sched_latency_ns 10000000 95 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 96 write /proc/sys/kernel/sched_compat_yield 1 97 write /proc/sys/kernel/sched_child_runs_first 0 98 write /proc/sys/kernel/randomize_va_space 2 99 write /proc/sys/kernel/kptr_restrict 2 100 write /proc/sys/vm/mmap_min_addr 32768 101 write /proc/sys/net/ipv4/ping_group_range "0 2147483647" 102 write /proc/sys/net/unix/max_dgram_qlen 300 103 write /proc/sys/kernel/sched_rt_runtime_us 950000 104 write /proc/sys/kernel/sched_rt_period_us 1000000 105 106 # reflect fwmark from incoming packets onto generated replies 107 write /proc/sys/net/ipv4/fwmark_reflect 1 108 write /proc/sys/net/ipv6/fwmark_reflect 1 109 110 # set fwmark on accepted sockets 111 write /proc/sys/net/ipv4/tcp_fwmark_accept 1 112 113 # Create cgroup mount points for process groups 114 mkdir /dev/cpuctl 115 mount cgroup none /dev/cpuctl cpu 116 chown system system /dev/cpuctl 117 chown system system /dev/cpuctl/tasks 118 chmod 0660 /dev/cpuctl/tasks 119 write /dev/cpuctl/cpu.shares 1024 120 write /dev/cpuctl/cpu.rt_runtime_us 950000 121 write /dev/cpuctl/cpu.rt_period_us 1000000 122 123 mkdir /dev/cpuctl/apps 124 chown system system /dev/cpuctl/apps/tasks 125 chmod 0666 /dev/cpuctl/apps/tasks 126 write /dev/cpuctl/apps/cpu.shares 1024 127 write /dev/cpuctl/apps/cpu.rt_runtime_us 800000 128 write /dev/cpuctl/apps/cpu.rt_period_us 1000000 129 130 mkdir /dev/cpuctl/apps/bg_non_interactive 131 chown system system /dev/cpuctl/apps/bg_non_interactive/tasks 132 chmod 0666 /dev/cpuctl/apps/bg_non_interactive/tasks 133 # 5.0 % 134 write /dev/cpuctl/apps/bg_non_interactive/cpu.shares 52 135 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000 136 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000 137 138 # qtaguid will limit access to specific data based on group memberships. 139 # net_bw_acct grants impersonation of socket owners. 140 # net_bw_stats grants access to other apps' detailed tagged-socket stats. 141 chown root net_bw_acct /proc/net/xt_qtaguid/ctrl 142 chown root net_bw_stats /proc/net/xt_qtaguid/stats 143 144 # Allow everybody to read the xt_qtaguid resource tracking misc dev. 145 # This is needed by any process that uses socket tagging. 146 chmod 0644 /dev/xt_qtaguid 147 148 # Create location for fs_mgr to store abbreviated output from filesystem 149 # checker programs. 150 mkdir /dev/fscklogs 0770 root system 151 152 # pstore/ramoops previous console log 153 mount pstore pstore /sys/fs/pstore 154 chown system log /sys/fs/pstore/console-ramoops 155 chmod 0440 /sys/fs/pstore/console-ramoops 156 157# Healthd can trigger a full boot from charger mode by signaling this 158# property when the power button is held. 159on property:sys.boot_from_charger_mode=1 160 class_stop charger 161 trigger late-init 162 163# Load properties from /system/ + /factory after fs mount. 164on load_all_props_action 165 load_all_props 166 167# Indicate to fw loaders that the relevant mounts are up. 168on firmware_mounts_complete 169 rm /dev/.booting 170 171# Mount filesystems and start core system services. 172on late-init 173 trigger early-fs 174 trigger fs 175 trigger post-fs 176 trigger post-fs-data 177 178 # Load properties from /system/ + /factory after fs mount. Place 179 # this in another action so that the load will be scheduled after the prior 180 # issued fs triggers have completed. 181 trigger load_all_props_action 182 183 # Remove a file to wake up anything waiting for firmware. 184 trigger firmware_mounts_complete 185 186 trigger early-boot 187 trigger boot 188 189 190on post-fs 191 # once everything is setup, no need to modify / 192 mount rootfs rootfs / ro remount 193 # mount shared so changes propagate into child namespaces 194 mount rootfs rootfs / shared rec 195 196 # We chown/chmod /cache again so because mount is run as root + defaults 197 chown system cache /cache 198 chmod 0770 /cache 199 # We restorecon /cache in case the cache partition has been reset. 200 restorecon_recursive /cache 201 202 # This may have been created by the recovery system with odd permissions 203 chown system cache /cache/recovery 204 chmod 0770 /cache/recovery 205 206 #change permissions on vmallocinfo so we can grab it from bugreports 207 chown root log /proc/vmallocinfo 208 chmod 0440 /proc/vmallocinfo 209 210 chown root log /proc/slabinfo 211 chmod 0440 /proc/slabinfo 212 213 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks 214 chown root system /proc/kmsg 215 chmod 0440 /proc/kmsg 216 chown root system /proc/sysrq-trigger 217 chmod 0220 /proc/sysrq-trigger 218 chown system log /proc/last_kmsg 219 chmod 0440 /proc/last_kmsg 220 221 # make the selinux kernel policy world-readable 222 chmod 0444 /sys/fs/selinux/policy 223 224 # create the lost+found directories, so as to enforce our permissions 225 mkdir /cache/lost+found 0770 root root 226 227on post-fs-data 228 # We chown/chmod /data again so because mount is run as root + defaults 229 chown system system /data 230 chmod 0771 /data 231 # We restorecon /data in case the userdata partition has been reset. 232 restorecon /data 233 234 # Avoid predictable entropy pool. Carry over entropy from previous boot. 235 copy /data/system/entropy.dat /dev/urandom 236 237 # Create dump dir and collect dumps. 238 # Do this before we mount cache so eventually we can use cache for 239 # storing dumps on platforms which do not have a dedicated dump partition. 240 mkdir /data/dontpanic 0750 root log 241 242 # Collect apanic data, free resources and re-arm trigger 243 copy /proc/apanic_console /data/dontpanic/apanic_console 244 chown root log /data/dontpanic/apanic_console 245 chmod 0640 /data/dontpanic/apanic_console 246 247 copy /proc/apanic_threads /data/dontpanic/apanic_threads 248 chown root log /data/dontpanic/apanic_threads 249 chmod 0640 /data/dontpanic/apanic_threads 250 251 write /proc/apanic_console 1 252 253 # create basic filesystem structure 254 mkdir /data/misc 01771 system misc 255 mkdir /data/misc/adb 02750 system shell 256 mkdir /data/misc/bluedroid 0770 bluetooth net_bt_stack 257 mkdir /data/misc/bluetooth 0770 system system 258 mkdir /data/misc/keystore 0700 keystore keystore 259 mkdir /data/misc/keychain 0771 system system 260 mkdir /data/misc/net 0750 root shell 261 mkdir /data/misc/radio 0770 system radio 262 mkdir /data/misc/sms 0770 system radio 263 mkdir /data/misc/zoneinfo 0775 system system 264 mkdir /data/misc/vpn 0770 system vpn 265 mkdir /data/misc/shared_relro 0771 shared_relro shared_relro 266 mkdir /data/misc/systemkeys 0700 system system 267 mkdir /data/misc/wifi 0770 wifi wifi 268 mkdir /data/misc/wifi/sockets 0770 wifi wifi 269 mkdir /data/misc/wifi/wpa_supplicant 0770 wifi wifi 270 mkdir /data/misc/dhcp 0770 dhcp dhcp 271 mkdir /data/misc/user 0771 root root 272 # give system access to wpa_supplicant.conf for backup and restore 273 chmod 0660 /data/misc/wifi/wpa_supplicant.conf 274 mkdir /data/local 0751 root root 275 mkdir /data/misc/media 0700 media media 276 277 # For security reasons, /data/local/tmp should always be empty. 278 # Do not place files or directories in /data/local/tmp 279 mkdir /data/local/tmp 0771 shell shell 280 mkdir /data/data 0771 system system 281 mkdir /data/app-private 0771 system system 282 mkdir /data/app-asec 0700 root root 283 mkdir /data/app-lib 0771 system system 284 mkdir /data/app 0771 system system 285 mkdir /data/property 0700 root root 286 287 # create dalvik-cache, so as to enforce our permissions 288 mkdir /data/dalvik-cache 0771 root root 289 mkdir /data/dalvik-cache/profiles 0711 system system 290 291 # create resource-cache and double-check the perms 292 mkdir /data/resource-cache 0771 system system 293 chown system system /data/resource-cache 294 chmod 0771 /data/resource-cache 295 296 # create the lost+found directories, so as to enforce our permissions 297 mkdir /data/lost+found 0770 root root 298 299 # create directory for DRM plug-ins - give drm the read/write access to 300 # the following directory. 301 mkdir /data/drm 0770 drm drm 302 303 # create directory for MediaDrm plug-ins - give drm the read/write access to 304 # the following directory. 305 mkdir /data/mediadrm 0770 mediadrm mediadrm 306 307 # symlink to bugreport storage location 308 symlink /data/data/com.android.shell/files/bugreports /data/bugreports 309 310 # Separate location for storing security policy files on data 311 mkdir /data/security 0711 system system 312 313 # Reload policy from /data/security if present. 314 setprop selinux.reload_policy 1 315 316 # Set SELinux security contexts on upgrade or policy update. 317 restorecon_recursive /data 318 319 # If there is no fs-post-data action in the init.<device>.rc file, you 320 # must uncomment this line, otherwise encrypted filesystems 321 # won't work. 322 # Set indication (checked by vold) that we have finished this action 323 #setprop vold.post_fs_data_done 1 324 325on boot 326 # basic network init 327 ifup lo 328 hostname localhost 329 domainname localdomain 330 331 # set RLIMIT_NICE to allow priorities from 19 to -20 332 setrlimit 13 40 40 333 334 # Memory management. Basic kernel parameters, and allow the high 335 # level system server to be able to adjust the kernel OOM driver 336 # parameters to match how it is managing things. 337 write /proc/sys/vm/overcommit_memory 1 338 write /proc/sys/vm/min_free_order_shift 4 339 chown root system /sys/module/lowmemorykiller/parameters/adj 340 chmod 0664 /sys/module/lowmemorykiller/parameters/adj 341 chown root system /sys/module/lowmemorykiller/parameters/minfree 342 chmod 0664 /sys/module/lowmemorykiller/parameters/minfree 343 344 # Tweak background writeout 345 write /proc/sys/vm/dirty_expire_centisecs 200 346 write /proc/sys/vm/dirty_background_ratio 5 347 348 # Permissions for System Server and daemons. 349 chown radio system /sys/android_power/state 350 chown radio system /sys/android_power/request_state 351 chown radio system /sys/android_power/acquire_full_wake_lock 352 chown radio system /sys/android_power/acquire_partial_wake_lock 353 chown radio system /sys/android_power/release_wake_lock 354 chown system system /sys/power/autosleep 355 chown system system /sys/power/state 356 chown system system /sys/power/wakeup_count 357 chown radio system /sys/power/wake_lock 358 chown radio system /sys/power/wake_unlock 359 chmod 0660 /sys/power/state 360 chmod 0660 /sys/power/wake_lock 361 chmod 0660 /sys/power/wake_unlock 362 363 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_rate 364 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_rate 365 chown system system /sys/devices/system/cpu/cpufreq/interactive/timer_slack 366 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/timer_slack 367 chown system system /sys/devices/system/cpu/cpufreq/interactive/min_sample_time 368 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/min_sample_time 369 chown system system /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq 370 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/hispeed_freq 371 chown system system /sys/devices/system/cpu/cpufreq/interactive/target_loads 372 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/target_loads 373 chown system system /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load 374 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/go_hispeed_load 375 chown system system /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay 376 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/above_hispeed_delay 377 chown system system /sys/devices/system/cpu/cpufreq/interactive/boost 378 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boost 379 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse 380 chown system system /sys/devices/system/cpu/cpufreq/interactive/input_boost 381 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/input_boost 382 chown system system /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration 383 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/boostpulse_duration 384 chown system system /sys/devices/system/cpu/cpufreq/interactive/io_is_busy 385 chmod 0660 /sys/devices/system/cpu/cpufreq/interactive/io_is_busy 386 387 # Assume SMP uses shared cpufreq policy for all CPUs 388 chown system system /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq 389 chmod 0660 /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq 390 391 chown system system /sys/class/timed_output/vibrator/enable 392 chown system system /sys/class/leds/keyboard-backlight/brightness 393 chown system system /sys/class/leds/lcd-backlight/brightness 394 chown system system /sys/class/leds/button-backlight/brightness 395 chown system system /sys/class/leds/jogball-backlight/brightness 396 chown system system /sys/class/leds/red/brightness 397 chown system system /sys/class/leds/green/brightness 398 chown system system /sys/class/leds/blue/brightness 399 chown system system /sys/class/leds/red/device/grpfreq 400 chown system system /sys/class/leds/red/device/grppwm 401 chown system system /sys/class/leds/red/device/blink 402 chown system system /sys/class/timed_output/vibrator/enable 403 chown system system /sys/module/sco/parameters/disable_esco 404 chown system system /sys/kernel/ipv4/tcp_wmem_min 405 chown system system /sys/kernel/ipv4/tcp_wmem_def 406 chown system system /sys/kernel/ipv4/tcp_wmem_max 407 chown system system /sys/kernel/ipv4/tcp_rmem_min 408 chown system system /sys/kernel/ipv4/tcp_rmem_def 409 chown system system /sys/kernel/ipv4/tcp_rmem_max 410 chown root radio /proc/cmdline 411 412 # Define TCP buffer sizes for various networks 413 # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, 414 setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 415 setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576 416 setprop net.tcp.buffersize.ethernet 524288,1048576,3145728,524288,1048576,2097152 417 setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576 418 setprop net.tcp.buffersize.umts 58254,349525,1048576,58254,349525,1048576 419 setprop net.tcp.buffersize.hspa 40778,244668,734003,16777,100663,301990 420 setprop net.tcp.buffersize.hsupa 40778,244668,734003,16777,100663,301990 421 setprop net.tcp.buffersize.hsdpa 61167,367002,1101005,8738,52429,262114 422 setprop net.tcp.buffersize.hspap 122334,734003,2202010,32040,192239,576717 423 setprop net.tcp.buffersize.edge 4093,26280,70800,4096,16384,70800 424 setprop net.tcp.buffersize.gprs 4092,8760,48000,4096,8760,48000 425 setprop net.tcp.buffersize.evdo 4094,87380,262144,4096,16384,262144 426 427 # Define default initial receive window size in segments. 428 setprop net.tcp.default_init_rwnd 60 429 430 class_start core 431 class_start main 432 433on nonencrypted 434 class_start late_start 435 436on property:sys.init_log_level=* 437 loglevel ${sys.init_log_level} 438 439on charger 440 class_start charger 441 442on property:vold.decrypt=trigger_reset_main 443 class_reset main 444 445on property:vold.decrypt=trigger_load_persist_props 446 load_persist_props 447 448on property:vold.decrypt=trigger_post_fs_data 449 trigger post-fs-data 450 451on property:vold.decrypt=trigger_restart_min_framework 452 class_start main 453 454on property:vold.decrypt=trigger_restart_framework 455 class_start main 456 class_start late_start 457 458on property:vold.decrypt=trigger_shutdown_framework 459 class_reset late_start 460 class_reset main 461 462on property:sys.powerctl=* 463 powerctl ${sys.powerctl} 464 465# system server cannot write to /proc/sys files, 466# and chown/chmod does not work for /proc/sys/ entries. 467# So proxy writes through init. 468on property:sys.sysctl.extra_free_kbytes=* 469 write /proc/sys/vm/extra_free_kbytes ${sys.sysctl.extra_free_kbytes} 470 471# "tcp_default_init_rwnd" Is too long! 472on property:sys.sysctl.tcp_def_init_rwnd=* 473 write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd} 474 475 476## Daemon processes to be run by init. 477## 478service ueventd /sbin/ueventd 479 class core 480 critical 481 seclabel u:r:ueventd:s0 482 483service logd /system/bin/logd 484 class core 485 socket logd stream 0666 logd logd 486 socket logdr seqpacket 0666 logd logd 487 socket logdw dgram 0222 logd logd 488 seclabel u:r:logd:s0 489 490service healthd /sbin/healthd 491 class core 492 critical 493 seclabel u:r:healthd:s0 494 495service healthd-charger /sbin/healthd -n 496 class charger 497 critical 498 seclabel u:r:healthd:s0 499 500service console /system/bin/sh 501 class core 502 console 503 disabled 504 user shell 505 group shell log 506 seclabel u:r:shell:s0 507 508on property:ro.debuggable=1 509 start console 510 511# adbd is controlled via property triggers in init.<platform>.usb.rc 512service adbd /sbin/adbd --root_seclabel=u:r:su:s0 513 class core 514 socket adbd stream 660 system system 515 disabled 516 seclabel u:r:adbd:s0 517 518# adbd on at boot in emulator 519on property:ro.kernel.qemu=1 520 start adbd 521 522service servicemanager /system/bin/servicemanager 523 class core 524 user system 525 group system 526 critical 527 onrestart restart healthd 528 onrestart restart zygote 529 onrestart restart media 530 onrestart restart surfaceflinger 531 onrestart restart drm 532 533service vold /system/bin/vold 534 class core 535 socket vold stream 0660 root mount 536 ioprio be 2 537 538service netd /system/bin/netd 539 class main 540 socket netd stream 0660 root system 541 socket dnsproxyd stream 0660 root inet 542 socket mdns stream 0660 root system 543 socket fwmarkd stream 0660 root inet 544 545service debuggerd /system/bin/debuggerd 546 class main 547 548service debuggerd64 /system/bin/debuggerd64 549 class main 550 551service ril-daemon /system/bin/rild 552 class main 553 socket rild stream 660 root radio 554 socket rild-debug stream 660 radio system 555 user root 556 group radio cache inet misc audio log 557 558service surfaceflinger /system/bin/surfaceflinger 559 class main 560 user system 561 group graphics drmrpc 562 onrestart restart zygote 563 564service drm /system/bin/drmserver 565 class main 566 user drm 567 group drm system inet drmrpc 568 569service media /system/bin/mediaserver 570 class main 571 user media 572 group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc mediadrm 573 ioprio rt 4 574 575service bootanim /system/bin/bootanimation 576 class main 577 user graphics 578 group graphics 579 disabled 580 oneshot 581 582service installd /system/bin/installd 583 class main 584 socket installd stream 600 system system 585 586service flash_recovery /system/etc/install-recovery.sh 587 class main 588 oneshot 589 590service racoon /system/bin/racoon 591 class main 592 socket racoon stream 600 system system 593 # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port. 594 group vpn net_admin inet 595 disabled 596 oneshot 597 598service mtpd /system/bin/mtpd 599 class main 600 socket mtpd stream 600 system system 601 user vpn 602 group vpn net_admin inet net_raw 603 disabled 604 oneshot 605 606service keystore /system/bin/keystore /data/misc/keystore 607 class main 608 user keystore 609 group keystore drmrpc 610 611service dumpstate /system/bin/dumpstate -s 612 class main 613 socket dumpstate stream 0660 shell log 614 disabled 615 oneshot 616 617service mdnsd /system/bin/mdnsd 618 class main 619 user mdnsr 620 group inet net_raw 621 socket mdnsd stream 0660 mdnsr inet 622 disabled 623 oneshot 624