转自:http://www.linuxidc.com/Linux/2011-04/35014.htm
通过property_set("ctl.start", service_xx);
来启动init.rc中的service是一个很方便方法来调用某个可执行程序或某个脚本程序
service service_xx /system/bin/xx
disabled
oneshot
但在非AID_ROOT、AID_SYSTEM 用户的进程中调用ctl.start ctl.stop会碰到权限问题:
system/core/init/property_service.c
/*
* White list of UID that are allowed to start/stop services.
* Currently there are no user apps that require.
*/
struct {
const char *service;
unsigned int uid;
unsigned int gid;
} control_perms[] = {
{ "dumpstate",AID_SHELL, AID_LOG },
{NULL, 0, 0 }
};
/*
* Checks permissions for starting/stoping system services.
* AID_SYSTEM and AID_ROOT are always allowed.
*
* Returns 1 if uid allowed, 0 otherwise.
*/
static int check_control_perms(const char *name, int uid, int gid) {
int i;
if (uid == AID_SYSTEM || uid == AID_ROOT)
return 1;
/* Search the ACL */
for (i = 0; control_perms[i].service; i++) {
if (strcmp(control_perms[i].service, name) == 0) {
if ((uid && control_perms[i].uid == uid) ||
(gid && control_perms[i].gid == gid)) {
return 1;
}
}
}
return 0;
}
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/zmyde2010/archive/2011/04/09/6312615.aspx
只有uid == AID_SYSTEM || uid == AID_ROOT
或符合 control_perms[] = {
{ "dumpstate",AID_SHELL, AID_LOG },
{NULL, 0, 0 }
}; 的uid进程才有权限star/stop services
因此,如果我们碰到了权限问题,根据log提示,在/system/core/include/private/Android_filesystem_config.h
中查到进程定义,添加到control_perms[]列表
比如,uid ==AID_WIFI的某个程序需要权限启动service_xx
control_perms[] = {
{ "dumpstate",AID_SHELL, AID_LOG },
+ { "service_xx ",AID_WIFI, AID_WIFI},
{NULL, 0, 0 }
};