export ANDROID_ROOT /system
export ANDROID_ASSETS /system/app
export ANDROID_DATA /data
- export EXTERNAL_STORAGE /sdcard
+ export EXTERNAL_STORAGE /mnt/sdcard
+ export ASEC_MOUNTPOINT /mnt/asec
export BOOTCLASSPATH /system/framework/core.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar
# Backward compatibility
symlink system/lib /lib
symlink /sys/kernel/debug /d
-# create mountpoints and mount tmpfs on sqlite_stmt_journals and debugfs on d
- mkdir /d
- chown system system /sdcard
- chmod 0777 /sdcard
+# create mountpoints
+ mkdir /mnt 0775 root system
+ mkdir /mnt/sdcard 0000 system system
+
+# Create cgroup mount point for cpu accounting
+ mkdir /acct
+ mount cgroup none /acct cpuacct
+ mkdir /acct/uid
+
+# Backwards Compat - XXX: Going away in G*
+ symlink /mnt/sdcard /sdcard
+
+ mkdir /system
mkdir /data 0771 system system
mkdir /cache 0770 system cache
mkdir /config 0500 root root
- mkdir /sqlite_stmt_journals 01777 root root
- mount tmpfs tmpfs /sqlite_stmt_journals size=4m
+
+ # Directory for putting things only root should see.
+ mkdir /mnt/secure 0700 root root
+
+ # Directory for staging bindmounts
+ mkdir /mnt/secure/staging 0700 root root
+
+ # Directory-target for where the secure container
+ # imagefile directory will be bind-mounted
+ mkdir /mnt/secure/asec 0700 root root
+
+ # Secure container public mount points.
+ mkdir /mnt/asec 0700 root system
+ mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000
mount rootfs rootfs / ro remount
write /proc/sys/kernel/sched_compat_yield 1
write /proc/sys/kernel/sched_child_runs_first 0
+# Create cgroup mount points for process groups
+ mkdir /dev/cpuctl
+ mount cgroup none /dev/cpuctl cpu
+ chown system system /dev/cpuctl
+ chown system system /dev/cpuctl/tasks
+ chmod 0777 /dev/cpuctl/tasks
+ write /dev/cpuctl/cpu.shares 1024
+
+ mkdir /dev/cpuctl/fg_boost
+ chown system system /dev/cpuctl/fg_boost/tasks
+ chmod 0777 /dev/cpuctl/fg_boost/tasks
+ write /dev/cpuctl/fg_boost/cpu.shares 1024
+
+ mkdir /dev/cpuctl/bg_non_interactive
+ chown system system /dev/cpuctl/bg_non_interactive/tasks
+ chmod 0777 /dev/cpuctl/bg_non_interactive/tasks
+ # 5.0 %
+ write /dev/cpuctl/bg_non_interactive/cpu.shares 52
+
# mount mtd partitions
-# TODO: this should be mounted by fs vol id (i.e. /dev/block-by-volid/system),
-# once init gets that functionality.
-# mount ext3 /dev/block/sda6 /system
-# mount ext3 /dev/block/sda6 /system ro remount
+ # Mount /system rw first to give the filesystem a chance to save a checkpoint
+# mount yaffs2 mtd@system /system
+# mount yaffs2 mtd@system /system ro remount
# We chown/chmod /data again so because mount is run as root + defaults
-# mount ext3 /dev/block/sda8 /data
+# mount yaffs2 mtd@userdata /data nosuid nodev
chown system system /data
chmod 0771 /data
+ # Create dump dir and collect dumps.
+ # Do this before we mount cache so eventually we can use cache for
+ # storing dumps on platforms which do not have a dedicated dump partition.
+
+ mkdir /data/dontpanic
+ chown root log /data/dontpanic
+ chmod 0750 /data/dontpanic
+
+ # Collect apanic data, free resources and re-arm trigger
+ copy /proc/apanic_console /data/dontpanic/apanic_console
+ chown root log /data/dontpanic/apanic_console
+ chmod 0640 /data/dontpanic/apanic_console
+
+ copy /proc/apanic_threads /data/dontpanic/apanic_threads
+ chown root log /data/dontpanic/apanic_threads
+ chmod 0640 /data/dontpanic/apanic_threads
+
+ write /proc/apanic_console 1
+
# Same reason as /data above
-# mount ext3 /dev/block/sda5 /cache
+# mount yaffs2 mtd@cache /cache nosuid nodev
chown system cache /cache
chmod 0770 /cache
# This may have been created by the recovery system with odd permissions
- chown system system /cache/recovery
+ chown system cache /cache/recovery
chmod 0770 /cache/recovery
+ #change permissions on vmallocinfo so we can grab it from bugreports
+ chown root log /proc/vmallocinfo
+ chmod 0440 /proc/vmallocinfo
+
+ #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks
+ chown root system /proc/kmsg
+ chmod 0440 /proc/kmsg
+ chown root system /proc/sysrq-trigger
+ chmod 0220 /proc/sysrq-trigger
+
# create basic filesystem structure
mkdir /data/misc 01771 system misc
mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth
+ mkdir /data/misc/bluetooth 0770 system system
+ mkdir /data/misc/keystore 0700 keystore keystore
+ mkdir /data/misc/vpn 0770 system system
+ mkdir /data/misc/systemkeys 0700 system system
+ mkdir /data/misc/vpn/profiles 0770 system system
+ # give system access to wpa_supplicant.conf for backup and restore
+ mkdir /data/misc/wifi 0770 wifi wifi
+ mkdir /data/misc/wifi/sockets 0770 wifi wifi
+ mkdir /data/system 0771 system system
+ mkdir /data/system/wpa_supplicant 0770 wifi wifi
+ chmod 0770 /data/misc/wifi
+ chmod 0660 /data/misc/wifi/wpa_supplicant.conf
mkdir /data/local 0771 shell shell
mkdir /data/local/tmp 0771 shell shell
mkdir /data/data 0771 system system
mkdir /data/app-private 0771 system system
mkdir /data/app 0771 system system
mkdir /data/property 0700 root root
-
- mkdir /data/misc/wifi 0770 wifi wifi
- mkdir /data/misc/wifi/sockets 0770 wifi wifi
- mkdir /data/system/wpa_supplicant 0770 wifi wifi
mkdir /data/misc/dhcp 0770 dhcp dhcp
chown dhcp dhcp /data/misc/dhcp
chown root root /cache/lost+found
chmod 0770 /cache/lost+found
-
-### Load some modules
-
on boot
# basic network init
ifup lo
# adbd is controlled by the persist.service.adb.enable system property
service adbd /sbin/adbd
+ disabled
+
+# adbd on at boot in emulator
+on property:ro.kernel.qemu=1
+ start adbd
on property:persist.service.adb.enable=1
start adbd
service vold /system/bin/vold
socket vold stream 0660 root mount
+ ioprio be 2
+
+service netd /system/bin/netd
+ socket netd stream 0660 root system
+
+#service debuggerd /system/bin/debuggerd
+
+service ril-daemon /system/bin/rild
+ socket rild stream 660 root radio
+ socket rild-debug stream 660 radio system
+ user root
+ group radio cache inet misc audio
service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server
socket zygote stream 666
service media /system/bin/mediaserver
user media
- group sdcard_rw system audio camera graphics inet net_bt
+ group system audio camera graphics inet net_bt net_bt_admin net_raw
+ ioprio rt 4
service bootanim /system/bin/bootanimation
user graphics
disabled
oneshot
-service installd /system/bin/installd
- socket installd stream 600 system system
-
service wpa_supplicant /system/bin/wpa_supplicant -Dwext -iwlan0 -c /data/misc/wifi/wpa_supplicant.conf
- group system wifi
+ group system wifi inet
disabled
oneshot
service hfag /system/bin/sdptool add --channel=10 HFAG
user bluetooth
- group bluetooth net_bt_admin misc
+ group bluetooth net_bt_admin
disabled
oneshot
service hsag /system/bin/sdptool add --channel=11 HSAG
user bluetooth
- group bluetooth net_bt_admin misc
+ group bluetooth net_bt_admin
disabled
oneshot
disabled
oneshot
-#Please do not change anything below this line. If you want to add new service, add it above this line
-#REMOVE FROM HERE
-service dhcpcd /system/bin/dhcpcd wlan0
- group system dhcp
+service installd /system/bin/installd
+ socket installd stream 600 system system
+
+service racoon /system/bin/racoon
+ socket racoon stream 600 system system
+ # racoon will setuid to vpn after getting necessary resources.
+ group net_admin
+ disabled
+ oneshot
+
+service mtpd /system/bin/mtpd
+ socket mtpd stream 600 system system
+ user vpn
+ group vpn net_admin net_raw
disabled
oneshot
+service keystore /system/bin/keystore /data/misc/keystore
+ user keystore
+ group keystore
+ socket keystore stream 666
+
+service dumpstate /system/bin/dumpstate -s
+ socket dumpstate stream 0660 shell log
+ disabled
+ oneshot
+
+#Please do not change anything below this line. If you want to add new service, add it above this line
+#REMOVE FROM HERE