init.rc revision f90b0e04a61ab3bf5239afb2f7157aabe5fbca8f
1import /init.${ro.hardware}.rc 2 3on early-init 4 # Set init and its forked children's oom_adj. 5 write /proc/1/oom_adj -16 6 7 start ueventd 8 9# create mountpoints 10 mkdir /mnt 0775 root system 11 12on init 13 14sysclktz 0 15 16loglevel 3 17 18# setup the global environment 19 export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin 20 export LD_LIBRARY_PATH /vendor/lib:/system/lib 21 export ANDROID_BOOTLOGO 1 22 export ANDROID_ROOT /system 23 export ANDROID_ASSETS /system/app 24 export ANDROID_DATA /data 25 export ASEC_MOUNTPOINT /mnt/asec 26 export LOOP_MOUNTPOINT /mnt/obb 27 export BOOTCLASSPATH /system/framework/core.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/apache-xml.jar:/system/framework/filterfw.jar 28 29# Backward compatibility 30 symlink /system/etc /etc 31 symlink /sys/kernel/debug /d 32 33# Right now vendor lives on the same filesystem as system, 34# but someday that may change. 35 symlink /system/vendor /vendor 36 37# Create cgroup mount point for cpu accounting 38 mkdir /acct 39 mount cgroup none /acct cpuacct 40 mkdir /acct/uid 41 42 mkdir /system 43 mkdir /data 0771 system system 44 mkdir /cache 0770 system cache 45 mkdir /config 0500 root root 46 47 # Directory for putting things only root should see. 48 mkdir /mnt/secure 0700 root root 49 50 # Directory for staging bindmounts 51 mkdir /mnt/secure/staging 0700 root root 52 53 # Directory-target for where the secure container 54 # imagefile directory will be bind-mounted 55 mkdir /mnt/secure/asec 0700 root root 56 57 # Secure container public mount points. 58 mkdir /mnt/asec 0700 root system 59 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000 60 61 # Filesystem image public mount points. 62 mkdir /mnt/obb 0700 root system 63 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000 64 65 write /proc/sys/kernel/panic_on_oops 1 66 write /proc/sys/kernel/hung_task_timeout_secs 0 67 write /proc/cpu/alignment 4 68 write /proc/sys/kernel/sched_latency_ns 10000000 69 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 70 write /proc/sys/kernel/sched_compat_yield 1 71 write /proc/sys/kernel/sched_child_runs_first 0 72 write /proc/sys/kernel/randomize_va_space 2 73 74# Create cgroup mount points for process groups 75 mkdir /dev/cpuctl 76 mount cgroup none /dev/cpuctl cpu 77 chown system system /dev/cpuctl 78 chown system system /dev/cpuctl/tasks 79 chmod 0777 /dev/cpuctl/tasks 80 write /dev/cpuctl/cpu.shares 1024 81 82 mkdir /dev/cpuctl/fg_boost 83 chown system system /dev/cpuctl/fg_boost/tasks 84 chmod 0777 /dev/cpuctl/fg_boost/tasks 85 write /dev/cpuctl/fg_boost/cpu.shares 1024 86 87 mkdir /dev/cpuctl/bg_non_interactive 88 chown system system /dev/cpuctl/bg_non_interactive/tasks 89 chmod 0777 /dev/cpuctl/bg_non_interactive/tasks 90 # 5.0 % 91 write /dev/cpuctl/bg_non_interactive/cpu.shares 52 92 93# Allow everybody to read the xt_qtaguid resource tracking misc dev. 94# This is needed by any process that uses socket tagging. 95 chmod 0644 /dev/xt_qtaguid 96 97on fs 98# mount mtd partitions 99 # Mount /system rw first to give the filesystem a chance to save a checkpoint 100 mount yaffs2 mtd@system /system 101 mount yaffs2 mtd@system /system ro remount 102 mount yaffs2 mtd@userdata /data nosuid nodev 103 mount yaffs2 mtd@cache /cache nosuid nodev 104 105on post-fs 106 # once everything is setup, no need to modify / 107 mount rootfs rootfs / ro remount 108 109 # We chown/chmod /cache again so because mount is run as root + defaults 110 chown system cache /cache 111 chmod 0770 /cache 112 113 # This may have been created by the recovery system with odd permissions 114 chown system cache /cache/recovery 115 chmod 0770 /cache/recovery 116 117 #change permissions on vmallocinfo so we can grab it from bugreports 118 chown root log /proc/vmallocinfo 119 chmod 0440 /proc/vmallocinfo 120 121 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks 122 chown root system /proc/kmsg 123 chmod 0440 /proc/kmsg 124 chown root system /proc/sysrq-trigger 125 chmod 0220 /proc/sysrq-trigger 126 127 # create the lost+found directories, so as to enforce our permissions 128 mkdir /cache/lost+found 0770 root root 129 130on post-fs-data 131 # We chown/chmod /data again so because mount is run as root + defaults 132 chown system system /data 133 chmod 0771 /data 134 135 # Create dump dir and collect dumps. 136 # Do this before we mount cache so eventually we can use cache for 137 # storing dumps on platforms which do not have a dedicated dump partition. 138 mkdir /data/dontpanic 0750 root log 139 140 # Collect apanic data, free resources and re-arm trigger 141 copy /proc/apanic_console /data/dontpanic/apanic_console 142 chown root log /data/dontpanic/apanic_console 143 chmod 0640 /data/dontpanic/apanic_console 144 145 copy /proc/apanic_threads /data/dontpanic/apanic_threads 146 chown root log /data/dontpanic/apanic_threads 147 chmod 0640 /data/dontpanic/apanic_threads 148 149 write /proc/apanic_console 1 150 151 # create basic filesystem structure 152 mkdir /data/misc 01771 system misc 153 mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth 154 mkdir /data/misc/bluetooth 0770 system system 155 mkdir /data/misc/keystore 0700 keystore keystore 156 mkdir /data/misc/keychain 0771 system system 157 mkdir /data/misc/vpn 0770 system vpn 158 mkdir /data/misc/systemkeys 0700 system system 159 # give system access to wpa_supplicant.conf for backup and restore 160 mkdir /data/misc/wifi 0770 wifi wifi 161 chmod 0660 /data/misc/wifi/wpa_supplicant.conf 162 mkdir /data/local 0771 shell shell 163 mkdir /data/local/tmp 0771 shell shell 164 mkdir /data/data 0771 system system 165 mkdir /data/app-private 0771 system system 166 mkdir /data/app 0771 system system 167 mkdir /data/property 0700 root root 168 169 # create dalvik-cache, so as to enforce our permissions 170 mkdir /data/dalvik-cache 0771 system system 171 172 # create resource-cache and double-check the perms 173 mkdir /data/resource-cache 0771 system system 174 chown system system /data/resource-cache 175 chmod 0771 /data/resource-cache 176 177 # create the lost+found directories, so as to enforce our permissions 178 mkdir /data/lost+found 0770 root root 179 180 # create directory for DRM plug-ins 181 mkdir /data/drm 0774 drm drm 182 183 # If there is no fs-post-data action in the init.<device>.rc file, you 184 # must uncomment this line, otherwise encrypted filesystems 185 # won't work. 186 # Set indication (checked by vold) that we have finished this action 187 #setprop vold.post_fs_data_done 1 188 189 chown system system /sys/class/android_usb/android0/f_mass_storage/lun/file 190 chmod 0660 /sys/class/android_usb/android0/f_mass_storage/lun/file 191 chown system system /sys/class/android_usb/android0/f_rndis/ethaddr 192 chmod 0660 /sys/class/android_usb/android0/f_rndis/ethaddr 193 194on boot 195# basic network init 196 ifup lo 197 hostname localhost 198 domainname localdomain 199 200# set RLIMIT_NICE to allow priorities from 19 to -20 201 setrlimit 13 40 40 202 203# Memory management. Basic kernel parameters, and allow the high 204# level system server to be able to adjust the kernel OOM driver 205# paramters to match how it is managing things. 206 write /proc/sys/vm/overcommit_memory 1 207 write /proc/sys/vm/min_free_order_shift 4 208 chown root system /sys/module/lowmemorykiller/parameters/adj 209 chmod 0664 /sys/module/lowmemorykiller/parameters/adj 210 chown root system /sys/module/lowmemorykiller/parameters/minfree 211 chmod 0664 /sys/module/lowmemorykiller/parameters/minfree 212 213 # Tweak background writeout 214 write /proc/sys/vm/dirty_expire_centisecs 200 215 write /proc/sys/vm/dirty_background_ratio 5 216 217 # Permissions for System Server and daemons. 218 chown radio system /sys/android_power/state 219 chown radio system /sys/android_power/request_state 220 chown radio system /sys/android_power/acquire_full_wake_lock 221 chown radio system /sys/android_power/acquire_partial_wake_lock 222 chown radio system /sys/android_power/release_wake_lock 223 chown radio system /sys/power/state 224 chown radio system /sys/power/wake_lock 225 chown radio system /sys/power/wake_unlock 226 chmod 0660 /sys/power/state 227 chmod 0660 /sys/power/wake_lock 228 chmod 0660 /sys/power/wake_unlock 229 chown system system /sys/class/timed_output/vibrator/enable 230 chown system system /sys/class/leds/keyboard-backlight/brightness 231 chown system system /sys/class/leds/lcd-backlight/brightness 232 chown system system /sys/class/leds/button-backlight/brightness 233 chown system system /sys/class/leds/jogball-backlight/brightness 234 chown system system /sys/class/leds/red/brightness 235 chown system system /sys/class/leds/green/brightness 236 chown system system /sys/class/leds/blue/brightness 237 chown system system /sys/class/leds/red/device/grpfreq 238 chown system system /sys/class/leds/red/device/grppwm 239 chown system system /sys/class/leds/red/device/blink 240 chown system system /sys/class/leds/red/brightness 241 chown system system /sys/class/leds/green/brightness 242 chown system system /sys/class/leds/blue/brightness 243 chown system system /sys/class/leds/red/device/grpfreq 244 chown system system /sys/class/leds/red/device/grppwm 245 chown system system /sys/class/leds/red/device/blink 246 chown system system /sys/class/timed_output/vibrator/enable 247 chown system system /sys/module/sco/parameters/disable_esco 248 chown system system /sys/kernel/ipv4/tcp_wmem_min 249 chown system system /sys/kernel/ipv4/tcp_wmem_def 250 chown system system /sys/kernel/ipv4/tcp_wmem_max 251 chown system system /sys/kernel/ipv4/tcp_rmem_min 252 chown system system /sys/kernel/ipv4/tcp_rmem_def 253 chown system system /sys/kernel/ipv4/tcp_rmem_max 254 chown root radio /proc/cmdline 255 256# Define TCP buffer sizes for various networks 257# ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, 258 setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 259 setprop net.tcp.buffersize.wifi 524288,1048576,2097152,262144,524288,1048576 260 setprop net.tcp.buffersize.lte 524288,1048576,2097152,262144,524288,1048576 261 setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208 262 setprop net.tcp.buffersize.hspa 4094,87380,262144,4096,16384,262144 263 setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040 264 setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680 265 266# Set this property so surfaceflinger is not started by system_init 267 setprop system_init.startsurfaceflinger 0 268 269 class_start core 270 class_start main 271 272on nonencrypted 273 class_start late_start 274 275on charger 276 class_start charger 277 278on property:vold.decrypt=trigger_reset_main 279 class_reset main 280 281on property:vold.decrypt=trigger_load_persist_props 282 load_persist_props 283 284on property:vold.decrypt=trigger_post_fs_data 285 trigger post-fs-data 286 287on property:vold.decrypt=trigger_restart_min_framework 288 class_start main 289 290on property:vold.decrypt=trigger_restart_framework 291 class_start main 292 class_start late_start 293 294on property:vold.decrypt=trigger_shutdown_framework 295 class_reset late_start 296 class_reset main 297 298# Used to disable USB when switching states 299on property:sys.usb.config=none 300 stop adbd 301 write /sys/class/android_usb/android0/enable 0 302 write /sys/class/android_usb/android0/bDeviceClass 0 303 setprop sys.usb.state ${sys.usb.config} 304 305# adb only USB configuration 306# This should only be used during device bringup 307# and as a fallback if the USB manager fails to set a standard configuration 308on property:sys.usb.config=adb 309 write /sys/class/android_usb/android0/enable 0 310 write /sys/class/android_usb/android0/idVendor 18d1 311 write /sys/class/android_usb/android0/idProduct D002 312 write /sys/class/android_usb/android0/functions ${sys.usb.config} 313 write /sys/class/android_usb/android0/enable 1 314 start adbd 315 setprop sys.usb.state ${sys.usb.config} 316 317# USB accessory configuration 318on property:sys.usb.config=accessory 319 write /sys/class/android_usb/android0/enable 0 320 write /sys/class/android_usb/android0/idVendor 18d1 321 write /sys/class/android_usb/android0/idProduct 2d00 322 write /sys/class/android_usb/android0/functions ${sys.usb.config} 323 write /sys/class/android_usb/android0/enable 1 324 setprop sys.usb.state ${sys.usb.config} 325 326# USB accessory configuration, with adb 327on property:sys.usb.config=accessory,adb 328 write /sys/class/android_usb/android0/enable 0 329 write /sys/class/android_usb/android0/idVendor 18d1 330 write /sys/class/android_usb/android0/idProduct 2d01 331 write /sys/class/android_usb/android0/functions ${sys.usb.config} 332 write /sys/class/android_usb/android0/enable 1 333 start adbd 334 setprop sys.usb.state ${sys.usb.config} 335 336# Used to set USB configuration at boot and to switch the configuration 337# when changing the default configuration 338on property:persist.sys.usb.config=* 339 setprop sys.usb.config ${persist.sys.usb.config} 340 341## Daemon processes to be run by init. 342## 343service ueventd /sbin/ueventd 344 class core 345 critical 346 347service console /system/bin/sh 348 class core 349 console 350 disabled 351 user shell 352 group log 353 354on property:ro.debuggable=1 355 start console 356 357# adbd is controlled via property triggers in init.<platform>.usb.rc 358service adbd /sbin/adbd 359 class core 360 disabled 361 362# adbd on at boot in emulator 363on property:ro.kernel.qemu=1 364 start adbd 365 366# This property trigger has added to imitiate the previous behavior of "adb root". 367# The adb gadget driver used to reset the USB bus when the adbd daemon exited, 368# and the host side adb relied on this behavior to force it to reconnect with the 369# new adbd instance after init relaunches it. So now we force the USB bus to reset 370# here when adbd sets the service.adb.root property to 1. We also restart adbd here 371# rather than waiting for init to notice its death and restarting it so the timing 372# of USB resetting and adb restarting more closely matches the previous behavior. 373on property:service.adb.root=1 374 write /sys/class/android_usb/android0/enable 0 375 restart adbd 376 write /sys/class/android_usb/android0/enable 1 377 378service servicemanager /system/bin/servicemanager 379 class core 380 user system 381 group system 382 critical 383 onrestart restart zygote 384 onrestart restart media 385 onrestart restart surfaceflinger 386 onrestart restart drm 387 388service vold /system/bin/vold 389 class core 390 socket vold stream 0660 root mount 391 ioprio be 2 392 393service netd /system/bin/netd 394 class main 395 socket netd stream 0660 root system 396 socket dnsproxyd stream 0660 root inet 397 398service debuggerd /system/bin/debuggerd 399 class main 400 401service ril-daemon /system/bin/rild 402 class main 403 socket rild stream 660 root radio 404 socket rild-debug stream 660 radio system 405 user root 406 group radio cache inet misc audio sdcard_rw log 407 408service surfaceflinger /system/bin/surfaceflinger 409 class main 410 user system 411 group graphics 412 onrestart restart zygote 413 414service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server 415 class main 416 socket zygote stream 666 417 onrestart write /sys/android_power/request_state wake 418 onrestart write /sys/power/state on 419 onrestart restart media 420 onrestart restart netd 421 422service drm /system/bin/drmserver 423 class main 424 user drm 425 group system inet drmrpc 426 427service media /system/bin/mediaserver 428 class main 429 user media 430 group audio camera inet net_bt net_bt_admin net_bw_acct drmrpc 431 ioprio rt 4 432 433service bootanim /system/bin/bootanimation 434 class main 435 user graphics 436 group graphics 437 disabled 438 oneshot 439 440service dbus /system/bin/dbus-daemon --system --nofork 441 class main 442 socket dbus stream 660 bluetooth bluetooth 443 user bluetooth 444 group bluetooth net_bt_admin 445 446service bluetoothd /system/bin/bluetoothd -n 447 class main 448 socket bluetooth stream 660 bluetooth bluetooth 449 socket dbus_bluetooth stream 660 bluetooth bluetooth 450 # init.rc does not yet support applying capabilities, so run as root and 451 # let bluetoothd drop uid to bluetooth with the right linux capabilities 452 group bluetooth net_bt_admin misc 453 disabled 454 455service installd /system/bin/installd 456 class main 457 socket installd stream 600 system system 458 459service flash_recovery /system/etc/install-recovery.sh 460 class main 461 oneshot 462 463service racoon /system/bin/racoon 464 class main 465 socket racoon stream 600 system system 466 # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port. 467 group vpn net_admin inet 468 disabled 469 oneshot 470 471service mtpd /system/bin/mtpd 472 class main 473 socket mtpd stream 600 system system 474 user vpn 475 group vpn net_admin inet net_raw 476 disabled 477 oneshot 478 479service keystore /system/bin/keystore /data/misc/keystore 480 class main 481 user keystore 482 group keystore 483 socket keystore stream 666 484 485service dumpstate /system/bin/dumpstate -s 486 class main 487 socket dumpstate stream 0660 shell log 488 disabled 489 oneshot 490