10 # setup the global environment
11 export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
12 export LD_LIBRARY_PATH /vendor/lib:/system/lib
13 export ANDROID_BOOTLOGO 1
14 export ANDROID_ROOT /system
15 export ANDROID_ASSETS /system/app
16 export ANDROID_DATA /data
17 export EXTERNAL_STORAGE /mnt/sdcard
18 export ASEC_MOUNTPOINT /mnt/asec
19 export LOOP_MOUNTPOINT /mnt/obb
20 export BOOTCLASSPATH /system/framework/core.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/core-junit.jar
23 # Backward compatibility
24 symlink /system/etc /etc
25 symlink /sys/kernel/debug /d
27 # Right now vendor lives on the same filesystem as system,
28 # but someday that may change.
29 symlink /system/vendor /vendor
32 mkdir /mnt 0775 root system
33 mkdir /mnt/sdcard 0000 system system
35 # Create cgroup mount point for cpu accounting
37 mount cgroup none /acct cpuacct
40 # Backwards Compat - XXX: Going away in G*
41 symlink /mnt/sdcard /sdcard
44 mkdir /data 0771 system system
45 mkdir /cache 0770 system cache
46 mkdir /config 0500 root root
48 # Directory for putting things only root should see.
49 mkdir /mnt/secure 0700 root root
51 # Directory for staging bindmounts
52 mkdir /mnt/secure/staging 0700 root root
54 # Directory-target for where the secure container
55 # imagefile directory will be bind-mounted
56 mkdir /mnt/secure/asec 0700 root root
58 # Secure container public mount points.
59 mkdir /mnt/asec 0700 root system
60 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
62 # Filesystem image public mount points.
63 mkdir /mnt/obb 0700 root system
64 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000
66 write /proc/sys/kernel/panic_on_oops 1
67 write /proc/sys/kernel/hung_task_timeout_secs 0
68 write /proc/cpu/alignment 4
69 write /proc/sys/kernel/sched_latency_ns 10000000
70 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
71 write /proc/sys/kernel/sched_compat_yield 1
72 write /proc/sys/kernel/sched_child_runs_first 0
74 # Create cgroup mount points for process groups
76 mount cgroup none /dev/cpuctl cpu
77 chown system system /dev/cpuctl
78 chown system system /dev/cpuctl/tasks
79 chmod 0777 /dev/cpuctl/tasks
80 write /dev/cpuctl/cpu.shares 1024
82 mkdir /dev/cpuctl/fg_boost
83 chown system system /dev/cpuctl/fg_boost/tasks
84 chmod 0777 /dev/cpuctl/fg_boost/tasks
85 write /dev/cpuctl/fg_boost/cpu.shares 1024
87 mkdir /dev/cpuctl/bg_non_interactive
88 chown system system /dev/cpuctl/bg_non_interactive/tasks
89 chmod 0777 /dev/cpuctl/bg_non_interactive/tasks
91 write /dev/cpuctl/bg_non_interactive/cpu.shares 52
94 # mount mtd partitions
95 # Mount /system rw first to give the filesystem a chance to save a checkpoint
96 mount yaffs2 mtd@system /system
97 mount yaffs2 mtd@system /system ro remount
98 mount yaffs2 mtd@userdata /data0 nosuid nodev
99 mount yaffs2 mtd@cache /cache nosuid nodev
102 # once everything is setup, no need to modify /
103 mount rootfs rootfs / ro remount
105 # We chown/chmod /data again so because mount is run as root + defaults
106 chown system system /data
109 symlink /data0/data_ginger/data /data
110 chown system system /data
111 chown system system /data0/data_ginger/data
112 chmod 0771 system system /data0/data_ginger/data
113 symlink /data0/system_ginger/system /system
114 symlink /system/etc /etc
116 # Create dump dir and collect dumps.
117 # Do this before we mount cache so eventually we can use cache for
118 # storing dumps on platforms which do not have a dedicated dump partition.
120 mkdir /data/dontpanic
121 chown root log /data/dontpanic
122 chmod 0750 /data/dontpanic
124 # Collect apanic data, free resources and re-arm trigger
125 copy /proc/apanic_console /data/dontpanic/apanic_console
126 chown root log /data/dontpanic/apanic_console
127 chmod 0640 /data/dontpanic/apanic_console
129 copy /proc/apanic_threads /data/dontpanic/apanic_threads
130 chown root log /data/dontpanic/apanic_threads
131 chmod 0640 /data/dontpanic/apanic_threads
133 write /proc/apanic_console 1
135 # Same reason as /data above
136 chown system cache /cache
139 # This may have been created by the recovery system with odd permissions
140 chown system cache /cache/recovery
141 chmod 0770 /cache/recovery
143 #change permissions on vmallocinfo so we can grab it from bugreports
144 chown root log /proc/vmallocinfo
145 chmod 0440 /proc/vmallocinfo
147 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
148 chown root system /proc/kmsg
149 chmod 0440 /proc/kmsg
150 chown root system /proc/sysrq-trigger
151 chmod 0220 /proc/sysrq-trigger
153 # create basic filesystem structure
154 mkdir /data/misc 01771 system misc
155 mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth
156 mkdir /data/misc/bluetooth 0770 system system
157 mkdir /data/misc/keystore 0700 keystore keystore
158 mkdir /data/misc/vpn 0770 system system
159 mkdir /data/misc/systemkeys 0700 system system
160 mkdir /data/misc/vpn/profiles 0770 system system
161 # give system access to wpa_supplicant.conf for backup and restore
162 mkdir /data/misc/wifi 0770 wifi wifi
163 chmod 0770 /data/misc/wifi
164 chmod 0660 /data/misc/wifi/wpa_supplicant.conf
165 mkdir /data/local 0771 shell shell
166 mkdir /data/local/tmp 0771 shell shell
167 mkdir /data/data 0771 system system
168 mkdir /data/app-private 0771 system system
169 mkdir /data/app 0771 system system
170 mkdir /data/property 0700 root root
172 # create dalvik-cache and double-check the perms
173 mkdir /data/dalvik-cache 0771 system system
174 chown system system /data/dalvik-cache
175 chmod 0771 /data/dalvik-cache
177 # create the lost+found directories, so as to enforce our permissions
178 mkdir /data/lost+found 0770
179 mkdir /cache/lost+found 0770
181 # double check the perms, in case lost+found already exists, and set owner
182 chown root root /data/lost+found
183 chmod 0770 /data/lost+found
184 chown root root /cache/lost+found
185 chmod 0770 /cache/lost+found
187 # create data/drm directory
188 mkdir /data/drm 0774 drm drm
189 chown drm drm /data/drm
196 domainname localdomain
198 # set RLIMIT_NICE to allow priorities from 19 to -20
201 # Define the oom_adj values for the classes of processes that can be
202 # killed by the kernel. These are used in ActivityManagerService.
203 setprop ro.FOREGROUND_APP_ADJ 0
204 setprop ro.VISIBLE_APP_ADJ 1
205 setprop ro.PERCEPTIBLE_APP_ADJ 2
206 setprop ro.HEAVY_WEIGHT_APP_ADJ 3
207 setprop ro.SECONDARY_SERVER_ADJ 4
208 setprop ro.BACKUP_APP_ADJ 5
209 setprop ro.HOME_APP_ADJ 6
210 setprop ro.HIDDEN_APP_MIN_ADJ 7
211 setprop ro.EMPTY_APP_ADJ 15
213 # Define the memory thresholds at which the above process classes will
214 # be killed. These numbers are in pages (4k).
215 setprop ro.FOREGROUND_APP_MEM 2048
216 setprop ro.VISIBLE_APP_MEM 3072
217 setprop ro.PERCEPTIBLE_APP_MEM 4096
218 setprop ro.HEAVY_WEIGHT_APP_MEM 4096
219 setprop ro.SECONDARY_SERVER_MEM 6144
220 setprop ro.BACKUP_APP_MEM 6144
221 setprop ro.HOME_APP_MEM 6144
222 setprop ro.HIDDEN_APP_MEM 7168
223 setprop ro.EMPTY_APP_MEM 8192
225 # Write value must be consistent with the above properties.
226 # Note that the driver only supports 6 slots, so we have combined some of
227 # the classes into the same memory level; the associated processes of higher
228 # classes will still be killed first.
229 write /sys/module/lowmemorykiller/parameters/adj 0,1,2,4,7,15
231 write /proc/sys/vm/overcommit_memory 1
232 write /proc/sys/vm/min_free_order_shift 4
233 write /sys/module/lowmemorykiller/parameters/minfree 2048,3072,4096,6144,7168,8192
235 # Set init its forked children's oom_adj.
236 write /proc/1/oom_adj -16
238 # Tweak background writeout
239 write /proc/sys/vm/dirty_expire_centisecs 200
240 write /proc/sys/vm/dirty_background_ratio 5
242 # Permissions for System Server and daemons.
243 chown radio system /sys/android_power/state
244 chown radio system /sys/android_power/request_state
245 chown radio system /sys/android_power/acquire_full_wake_lock
246 chown radio system /sys/android_power/acquire_partial_wake_lock
247 chown radio system /sys/android_power/release_wake_lock
248 chown radio system /sys/power/state
249 chown radio system /sys/power/wake_lock
250 chown radio system /sys/power/wake_unlock
251 chmod 0660 /sys/power/state
252 chmod 0660 /sys/power/wake_lock
253 chmod 0660 /sys/power/wake_unlock
254 chown system system /sys/class/timed_output/vibrator/enable
255 chown system system /sys/class/leds/keyboard-backlight/brightness
256 chown system system /sys/class/leds/lcd-backlight/brightness
257 chown system system /sys/class/leds/button-backlight/brightness
258 chown system system /sys/class/leds/jogball-backlight/brightness
259 chown system system /sys/class/leds/red/brightness
260 chown system system /sys/class/leds/green/brightness
261 chown system system /sys/class/leds/blue/brightness
262 chown system system /sys/class/leds/red/device/grpfreq
263 chown system system /sys/class/leds/red/device/grppwm
264 chown system system /sys/class/leds/red/device/blink
265 chown system system /sys/class/leds/red/brightness
266 chown system system /sys/class/leds/green/brightness
267 chown system system /sys/class/leds/blue/brightness
268 chown system system /sys/class/leds/red/device/grpfreq
269 chown system system /sys/class/leds/red/device/grppwm
270 chown system system /sys/class/leds/red/device/blink
271 chown system system /sys/class/timed_output/vibrator/enable
272 chown system system /sys/module/sco/parameters/disable_esco
273 chown system system /sys/kernel/ipv4/tcp_wmem_min
274 chown system system /sys/kernel/ipv4/tcp_wmem_def
275 chown system system /sys/kernel/ipv4/tcp_wmem_max
276 chown system system /sys/kernel/ipv4/tcp_rmem_min
277 chown system system /sys/kernel/ipv4/tcp_rmem_def
278 chown system system /sys/kernel/ipv4/tcp_rmem_max
279 chown root radio /proc/cmdline
281 # Define TCP buffer sizes for various networks
282 # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,
283 setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208
284 setprop net.tcp.buffersize.wifi 4095,87380,110208,4096,16384,110208
285 setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208
286 setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040
287 setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680
291 ## Daemon processes to be run by init.
293 service ueventd /sbin/ueventd
296 service console /system/bin/sh
302 on property:ro.secure=0
305 # adbd is controlled by the persist.service.adb.enable system property
306 service adbd /sbin/adbd
309 # adbd on at boot in emulator
310 on property:ro.kernel.qemu=1
313 on property:persist.service.adb.enable=1
316 on property:persist.service.adb.enable=0
319 service servicemanager /system/bin/servicemanager
322 onrestart restart zygote
323 onrestart restart media
325 service vold /system/bin/vold
326 socket vold stream 0660 root mount
329 service netd /system/bin/netd
330 socket netd stream 0660 root system
331 socket dnsproxyd stream 0660 root inet
333 service debuggerd /system/bin/debuggerd
335 service ril-daemon /system/bin/rild
336 socket rild stream 660 root radio
337 socket rild-debug stream 660 radio system
339 group radio cache inet misc audio sdcard_rw
341 service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server
342 socket zygote stream 666
343 onrestart write /sys/android_power/request_state wake
344 onrestart write /sys/power/state on
345 onrestart restart media
346 onrestart restart netd
348 service drm /system/bin/drmserver
350 group system root inet
352 service drmio /system/bin/drmioserver
355 service media /system/bin/mediaserver
357 group system audio camera graphics inet net_bt net_bt_admin net_raw
360 service bootanim /system/bin/bootanimation
366 service dbus /system/bin/dbus-daemon --system --nofork
367 socket dbus stream 660 bluetooth bluetooth
369 group bluetooth net_bt_admin
371 service bluetoothd /system/bin/bluetoothd -n
372 socket bluetooth stream 660 bluetooth bluetooth
373 socket dbus_bluetooth stream 660 bluetooth bluetooth
374 # init.rc does not yet support applying capabilities, so run as root and
375 # let bluetoothd drop uid to bluetooth with the right linux capabilities
376 group bluetooth net_bt_admin misc
379 service hfag /system/bin/sdptool add --channel=10 HFAG
381 group bluetooth net_bt_admin
385 service hsag /system/bin/sdptool add --channel=11 HSAG
387 group bluetooth net_bt_admin
391 service opush /system/bin/sdptool add --channel=12 OPUSH
393 group bluetooth net_bt_admin
397 service pbap /system/bin/sdptool add --channel=19 PBAP
399 group bluetooth net_bt_admin
403 service installd /system/bin/installd
404 socket installd stream 600 system system
406 service flash_recovery /system/etc/install-recovery.sh
409 service racoon /system/bin/racoon
410 socket racoon stream 600 system system
411 # racoon will setuid to vpn after getting necessary resources.
416 service mtpd /system/bin/mtpd
417 socket mtpd stream 600 system system
419 group vpn net_admin net_raw
423 service keystore /system/bin/keystore /data/misc/keystore
426 socket keystore stream 666
428 service dumpstate /system/bin/dumpstate -s
429 socket dumpstate stream 0660 shell log