首页 > 代码库 > make_ext4fs 文件权限控制

make_ext4fs 文件权限控制

问题

最近在给 android 系统的 data 分区制作 ext4 镜像,但是发现系统启动后,文件的 user 和 group 都变成了 root,不是原有的属性。困扰了很久。

解决

make_ext4fs 有一个选项是 ‘-a’ ,即挂载点。这个选项是配合 android/system/core/include/private/android_filesystem_config.h 用的,根据挂载点修改镜像中文件和目录的权限,比如:

static struct fs_path_config android_dirs[] = {
    { 00770, AID_SYSTEM, AID_CACHE,  "cache" },
    { 00771, AID_SYSTEM, AID_SYSTEM, "data/app" },
    { 00771, AID_SYSTEM, AID_SYSTEM, "data/app-private" },
    { 00771, AID_SYSTEM, AID_SYSTEM, "data/dalvik-cache" },
    { 00771, AID_SYSTEM, AID_SYSTEM, "data/data" },
    { 00771, AID_SHELL,  AID_SHELL,  "data/local/tmp" },
    { 00771, AID_SHELL,  AID_SHELL,  "data/local" },
    { 01771, AID_SYSTEM, AID_MISC,   "data/misc" },
    { 00770, AID_DHCP,   AID_DHCP,   "data/misc/dhcp" },
    { 00775, AID_MEDIA_RW, AID_MEDIA_RW, "data/media" },
    { 00775, AID_MEDIA_RW, AID_MEDIA_RW, "data/media/Music" },
    { 00771, AID_SYSTEM, AID_SYSTEM, "data" },
    { 00750, AID_ROOT,   AID_SHELL,  "sbin" },
    { 00755, AID_ROOT,   AID_SHELL,  "system/bin" },
    { 00755, AID_ROOT,   AID_SHELL,  "system/vendor" },
    { 00755, AID_ROOT,   AID_SHELL,  "system/xbin" },
    { 00755, AID_ROOT,   AID_ROOT,   "system/etc/ppp" },
    { 00777, AID_ROOT,   AID_ROOT,   "sdcard" },
    { 00755, AID_ROOT,   AID_ROOT,   0 },
};

那么,解决方法就有了:去掉 ‘-a’ 选项。

修改文件:android/build/core/Makefile

define build-userdataimage-target
    $(call pretty,"Target userdata fs image: $(INSTALLED_USERDATAIMAGE_TARGET)")
    @mkdir -p $(TARGET_OUT_DATA)
    $(call build-userimage-ext-target,$(TARGET_OUT_DATA),$(INSTALLED_USERDATAIMAGE_TARGET),data,$(INTERNAL_USERIMAGES_EXT_VARIANT),$(BOARD_USERDATAIMAGE_PARTITION_SIZE))
    $(hide) $(call assert-max-image-size,$(INSTALLED_USERDATAIMAGE_TARGET),$(BOARD_USERDATAIMAGE_PARTITION_SIZE),yaffs)
endef

改为:

define build-userdataimage-target
    $(call pretty,"Target userdata fs image: $(INSTALLED_USERDATAIMAGE_TARGET)")
    @mkdir -p $(TARGET_OUT_DATA)
    make_ext4fs -s -l $(BOARD_USERDATAIMAGE_PARTITION_SIZE) $(INSTALLED_USERDATAIMAGE_TARGET) $(TARGET_OUT_DATA)
    $(hide) $(call assert-max-image-size,$(INSTALLED_USERDATAIMAGE_TARGET),$(BOARD_USERDATAIMAGE_PARTITION_SIZE),yaffs)
endef