Merge pull request #87 from alvinhkh/master

[android-x86/external-koush-Superuser.git] / Superuser / jni / su / su.c

diff --git a/Superuser/jni/su/su.c b/Superuser/jni/su/su.c
index 53e36de..32166a7 100644 (file)
--- a/Superuser/jni/su/su.c
+++ b/Superuser/jni/su/su.c
@@ -174,10 +174,10 @@ static int get_multiuser_mode() {
     char mode[12];
     FILE *fp;
     if ((fp = fopen(REQUESTOR_MULTIUSER_MODE, "r"))) {
+        fgets(mode, sizeof(mode), fp);
         int last = strlen(mode) - 1;
         if (mode[last] == '\n')
             mode[last] = '\0';
-        fgets(mode, sizeof(mode), fp);
         if (strcmp(mode, MULTIUSER_VALUE_USER) == 0) {
             ret = MULTIUSER_MODE_USER;
         } else if (strcmp(mode, MULTIUSER_VALUE_OWNER_MANAGED) == 0) {
@@ -703,39 +703,47 @@ int main(int argc, char *argv[]) {
     read_options(&ctx);
     user_init(&ctx);
     
-    if (ctx.user.multiuser_mode == MULTIUSER_MODE_OWNER_ONLY && ctx.user.android_user_id != 0) {
-        deny(&ctx);
-    }
-
-    if (access_disabled(&ctx.from)) {
-        LOGD("access_disabled");
-        deny(&ctx);
-    }
-
-    ctx.umask = umask(027);
-
+    // TODO: customizable behavior for shell? It can currently be toggled via settings.
     if (ctx.from.uid == AID_ROOT || ctx.from.uid == AID_SHELL) {
         LOGD("Allowing root/shell.");
         allow(&ctx);
     }
 
+    // verify superuser is installed
     if (stat(ctx.user.base_path, &st) < 0) {
-        silent_run("am start -d market://details?id=" JAVA_PACKAGE_NAME);
+        // send to market
+        if (0 == strcmp(JAVA_PACKAGE_NAME, REQUESTOR))
+            silent_run("am start -d http://www.clockworkmod.com/superuser/install.html -a android.intent.action.VIEW");
         PLOGE("stat %s", ctx.user.base_path);
         deny(&ctx);
     }
 
+    // odd perms on superuser data dir
     if (st.st_gid != st.st_uid) {
         LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
                 (int)st.st_uid, (int)st.st_gid);
         deny(&ctx);
     }
     
+    // always allow if this is the superuser uid
+    // superuser needs to be able to reenable itself when disabled...
     if (ctx.from.uid == st.st_uid) {
-        // automatically grant the superuser app itself
         allow(&ctx);
     }
 
+    // check if superuser is disabled completely
+    if (access_disabled(&ctx.from)) {
+        LOGD("access_disabled");
+        deny(&ctx);
+    }
+
+    // deny if this is a non owner request and owner mode only
+    if (ctx.user.multiuser_mode == MULTIUSER_MODE_OWNER_ONLY && ctx.user.android_user_id != 0) {
+        deny(&ctx);
+    }
+
+    ctx.umask = umask(027);
+
     int ret = mkdir(REQUESTOR_CACHE_PATH, 0770);
     if (chown(REQUESTOR_CACHE_PATH, st.st_uid, st.st_gid)) {
         PLOGE("chown (%s, %ld, %ld)", REQUESTOR_CACHE_PATH, st.st_uid, st.st_gid);