Merge "Check non-primary user dirs during package scan" into jb-mr1-dev

author: Kenny Root <kroot@google.com> 2012-10-23 17:03:08 -0700
committer: Android (Google) Code Review <android-gerrit@google.com> 2012-10-23 17:03:09 -0700
commit: da2509c434ebb2a5a0da1bc270cae7f007cbb0f9 (patch)
tree: 8517da587126105df96096234de09a19fc2fdb38 /cmds
parent: 6757572b39d3802c4d7b69467b5ebf69a96c208b (diff)
parent: 4525f5b69cb44a9a0c92f9c525fc47541f456621 (diff)
download: frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.zip
frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.tar.gz
frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.tar.bz2
1 files changed, 24 insertions, 9 deletions
diff --git a/cmds/installd/commands.c b/cmds/installd/commands.c
index 387f33d..1e6398f 100644
--- a/cmds/installd/commands.c
+++ b/cmds/installd/commands.c
@@ -141,39 +141,54 @@ int renamepkg(const char *oldpkgname, const char *newpkgname)
     return 0;
 }
 
-int fix_uid(const char *pkgname, uid_t uid, gid_t gid)
+int fix_uid(const char *pkgname, uid_t uid, uid_t userId)
 {
     char pkgdir[PKG_PATH_MAX];
     struct stat s;
     int rc = 0;
 
-    if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) {
-        ALOGE("invalid uid/gid: %d %d\n", uid, gid);
+    if (uid < AID_SYSTEM) {
+        ALOGE("invalid uid: %d\n", uid);
         return -1;
     }
 
-    if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, 0)) {
+    if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, userId)) {
         ALOGE("cannot create package path\n");
         return -1;
     }
 
     if (stat(pkgdir, &s) < 0) return -1;
 
-    if (s.st_uid != 0 || s.st_gid != 0) {
-        ALOGE("fixing uid of non-root pkg: %s %lu %lu\n", pkgdir, s.st_uid, s.st_gid);
+    if (((s.st_uid != 0) && (s.st_uid != AID_INSTALL))
+            || ((s.st_gid != 0) && (s.st_gid != AID_INSTALL))) {
+        ALOGE("fixing uid of pkg not owned by install or root: %s %lu %lu\n", pkgdir, s.st_uid,
+                s.st_gid);
+        return -1;
+    }
+
+    if (chown(pkgdir, AID_INSTALL, AID_INSTALL) < 0) {
+        ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
+        unlink(pkgdir);
         return -1;
     }
 
     if (chmod(pkgdir, 0751) < 0) {
         ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
         unlink(pkgdir);
-        return -errno;
+        return -1;
     }
-    if (chown(pkgdir, uid, gid) < 0) {
+    if (chown(pkgdir, uid, uid) < 0) {
         ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
         unlink(pkgdir);
-        return -errno;
+        return -1;
     }
+#ifdef HAVE_SELINUX
+    if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) {
+        ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
+        unlink(pkgdir);
+        return -1;
+    }
+#endif
 
     return 0;
 }
author	Kenny Root <kroot@google.com>	2012-10-23 17:03:08 -0700
committer	Android (Google) Code Review <android-gerrit@google.com>	2012-10-23 17:03:09 -0700
commit	da2509c434ebb2a5a0da1bc270cae7f007cbb0f9 (patch)
tree	8517da587126105df96096234de09a19fc2fdb38 /cmds
parent	6757572b39d3802c4d7b69467b5ebf69a96c208b (diff)
parent	4525f5b69cb44a9a0c92f9c525fc47541f456621 (diff)
download	frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.zip frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.tar.gz frameworks_base-da2509c434ebb2a5a0da1bc270cae7f007cbb0f9.tar.bz2