1.前言
客户应用需求root相关的权限,我们需要修改系统的权限才可以满足客户需求
2.修改方法
frameworks层:注释掉
java
diff --git a/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp b/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
index c64f40770f..234de0a96d 100644
--- a/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
+++ b/frameworks/base/core/jni/com_android_internal_os_Zygote.cpp
@@ -654,6 +654,7 @@ static void EnableKeepCapabilities(fail_fn_t fail_fn) {
}
static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
+/*
for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {;
if (prctl(PR_CAPBSET_DROP, i, 0, 0, 0) == -1) {
if (errno == EINVAL) {
@@ -664,6 +665,7 @@ static void DropCapabilitiesBoundingSet(fail_fn_t fail_fn) {
}
}
}
+*/
}
static void SetInheritable(uint64_t inheritable, fail_fn_t fail_fn) {
java
diff --git a/system/core/libcutils/fs_config.cpp b/system/core/libcutils/fs_config.cpp
index a6835fc70c..e2684ee38e 100644
--- a/system/core/libcutils/fs_config.cpp
+++ b/system/core/libcutils/fs_config.cpp
@@ -86,7 +86,8 @@ static const struct fs_path_config android_dirs[] = {
{ 00751, AID_ROOT, AID_SHELL, 0, "system/bin" },
{ 00755, AID_ROOT, AID_ROOT, 0, "system/etc/ppp" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" },
- { 00750, AID_ROOT, AID_SHELL, 0, "system/xbin" },
+ { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin" },
{ 00751, AID_ROOT, AID_SHELL, 0, "system/apex/*/bin" },
{ 00751, AID_ROOT, AID_SHELL, 0, "system_ext/bin" },
{ 00751, AID_ROOT, AID_SHELL, 0, "system_ext/apex/*/bin" },
@@ -190,8 +191,10 @@ static const struct fs_path_config android_files[] = {
// the following two files are INTENTIONALLY set-uid, but they
// are NOT included on user builds.
{ 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" },
- { 04750, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
-
+ { 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/su" },
+ { 06755, AID_ROOT, AID_SHELL, 0, "system/xbin/testsu" },
// the following files have enhanced capabilities and ARE included
// in user builds.
{ 00700, AID_SYSTEM, AID_SHELL, CAP_MASK_LONG(CAP_BLOCK_SUSPEND),
禁用selinux
java
diff --git a/system/core/init/selinux.cpp b/system/core/init/selinux.cpp
index 29c0ff3baa..66f0b6fb6c 100644
--- a/system/core/init/selinux.cpp
+++ b/system/core/init/selinux.cpp
@@ -114,6 +114,7 @@ EnforcingStatus StatusFromProperty() {
}
bool IsEnforcing() {
+ return false;
if (ALLOW_PERMISSIVE_SELINUX) {
return StatusFromProperty() == SELINUX_ENFORCING;
}
内核部分
java
index 09b402c88f..9f91febd00 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -1164,12 +1164,12 @@ int cap_task_setnice(struct task_struct *p, int nice)
static int cap_prctl_drop(unsigned long cap)
{
struct cred *new;
-
+/*
if (!ns_capable(current_user_ns(), CAP_SETPCAP))
return -EPERM;
if (!cap_valid(cap))
return -EINVAL;
-
+*/
new = prepare_creds();
if (!new)
return -ENOMEM;
到此重新编译整个系统就可以正常编译出带root的固件了。