增加自启动服务
环境:目前在rk3568芯片上 测试成功
/common
目前需要把 BoardConfig.mk 中selinux关闭,目前开启后会执行不成功,原因暂时未知。
1
| BOARD_SELINUX_ENFORCING ?= false
|
path: /device/rockchip/common/sepolicy/vendor
其中cstest是创建的脚本程序名称
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| type cstest, domain;
type cstest_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(cstest)
allow cstest vendor_shell_exec:file { execute_no_trans };
#allow cstest shell_exec:file { map };
allow cstest device:chr_file { ioctl };
#allow cstest system_file:file { execute };
#allow cstest toolbox_exec:file { map };
allow cstest storage_file:dir { search };
allow cstest storage_file:lnk_file { read };
allow cstest mnt_user_file:lnk_file { read };
allow cstest mnt_user_file:dir { search };
allow cstest sdcardfs:dir { search write add_name create };
#allow cstest media_rw_data_file:dir { read open search write };
#allow cstest system_data_file:file { getattr };
#allow cstest cstest:capability { dac_override };
#allow cstest sysfs_wake_lock:file { write open };
#allow cstest cstest:capability2{ block_suspend };
|
Android编译时需要增加给每个程序增加安全策略,赋予权限
1
2
3
| # 底行增加
type cstest_service,system_api_service, system_server_service, service_manager_type;
|
path: rk_android_sdk/device/rockchip/rk356x/rk3568_cs
1
2
3
4
5
| #! /vendor/bin/sh
# 此处写脚本执行逻辑
echo "PowerManagerService.noSuspend" > /sys/power/wake_lock
|
path: rk_android_sdk/device/rockchip/rk356x/sepolicy_vendor
1
| /vendor/bin/cstest.sh u:object_r:cstest_exec:s0
|
path: /device/rockchip/rk356x
1
2
| # add android 自启动脚本测试
PRODUCT_COPY_FILES +=device/rockchip/rk356x/rk3568_cs/cstest.sh:vendor/bin/cstest.sh
|
功能是拷贝脚本到 vendor目录下
- init.recovery.rk30board.rc 文件增加
path: /device/rockchip/rk356x
1
2
3
4
5
6
7
8
9
10
| on property:sys.boot_completed=1
start cstest
service cstest /vendor/bin/cstest.sh
class main
user root
disabled
group root
oneshot
|
赋予启动服务组和用户
path: /device/rockchip/rk356x
1
2
3
| on init 下
exec -- /vendor/bin/cstest.sh
|
初始化时执行该服务
