The default umask changed, so we have to explicitly set the mode of the
lib directory when we create it in unlinklib.
Bug: 6857022
Change-Id: I06fc3f29e99d686bbbb96184d8c314d4cc57e9fe
This rewrites installd's code for deleting cache files to be better:
- Isn't really stupid about just deleting directories in the order
they are found on the filesytem; now collects all cache files and
sorts them by mod time to determine which to delete.
- Also deletes cache files in /data/media and for all users.
This also tweaks DeviceStorageMonitor to be a little smarter about
deciding when to flush cache files, having upper and lower limits
that it allows memory to get down to and then flash files to reach
the higher free storage limit. This should reduce the amount that
we perform flushing when starting to reach the storage limit.
Finally add a new pm command to force a cache flush.
Change-Id: I02229038e1ad553d1168393e5cb6d5025933271d
The latest push changed LOG(E|V) to ALOG(E|V) but it was not updated in HAVE_SELINUX blocks.
Change-Id: I626588589dd00775ba29f2a256ac29e481598dc3
Signed-off-by: Joshua Brindle <jbrindle@tresys.com>
...mismatched uid: X on disk, Y in settings" errors on Froyo and Gingerbread
Deal more gracefully with the uid changing in three ways:
1. If the uid on disk has become root, then have installd change it to
the application's uid. This is to correct a potential case where
installd was interrupted while linking or unlinking the libs dir,
during which it temporarily changes the owner of the dir to root
so that a malicious app can not get in its way. So if the uid on
disk has become root, we assume we can safely just change it back
to the correct uid.
2. When scaning packages at boot, use the same "delete and rebuild data
directory" code for third party applications as we have for system
applications. This allows us to at least end up in a state where the
app will run, even if its data is lost.
3. But we really don't want to get in to case 2, so if an application
update is being installed and we find that the uid we now have for
the app is different than the one on disk, fail the update. This will
protect against for example a developer changing the sharedUserId of
their app and getting into this bad state.
Bug: 6295373
Change-Id: Ic802fdd818ac62449ff3c61d1fff1aa4d4942f39
Make sure /data/user directory permissions get explicitly set
regardless of the system umask.
Change directory permissions to 0711. No need for read permissions.
Bug: 3272072
Change-Id: Ida7f3c6656f4e0c9d0a9f7648491cc853c4e44ca
Switching activity stacks
Cache ContentProvider per user
Long-press power to switch users (on phone)
Added ServiceMap for separating services by user
Launch PendingIntents on the correct user's uid
Fix task switching from Recents list
AppWidgetService is mostly working.
Commands added to pm and am to allow creating and switching profiles.
Change-Id: I15810e8cfbe50a04bd3323a7ef5a8ff4230870ed
installd already sets the UID/GID/mode for package directories.
Extend it to also call libselinux to set the SELinux security context.
Change-Id: I22d38e3e7facdfcee20a34bf30f1412dbb87761f
This broke with some other path-related changes, so it was scanning for
/data/*/cache instead of /data/data/*/cache
Also remove redundant call to restat
Bug: 5686310
Change-Id: Id1661f0f1337858fc9ead53c56ab7557f421c591
...for Market App iRunner
There were a lot of serious issues with how we updated (or often didn't update)
the display and resource state when switching compatibility mode in conjunction
with restarting and updating application components. This addresses everything
I could find.
Unfortunately it does *not* fix this particular app. I am starting to think this
is just an issue in the app. This change does fix a number of other problems
I could repro, such as switching the compatibility mode of an IME.
Also a few changes here and there to get rid of $#*&^!! debug logs.
Change-Id: Ib15572eac9ec93b4b9966ddcbbc830ce9dec1317
- Create /data/user directory and symlink /data/user/0 -> /data/data for
backward compatibility
- Create data directories for all packages for new user
- Remove data directories when removing a user
- Create data directories for all users when a package is created
- Clear / Remove data for multiple users
- Fixed a bug in verifying the location of a system app
- pm commands for createUser and removeUser (will be disabled later)
- symlink duplicate lib directories to the original lib directory
Change-Id: Id9fdfcf0e62406a8896aa811314dfc08d5f6ed95
* Add ability to select different personas to generate the path to be
created.
* Move hardcoded paths to read from init's set environment.
* Add unit tests for all the utility functions that build strings to
make sure they're correct.
* Fill in persona with "0" all the time now. Will be plumbed through in
later CL.
Change-Id: I0a7f6e3640cb6b052f8823080886ee79e90b679f
Disk usage calculation will happen in more places now, so move the
installd calculation utilities out to its own library that only gets
built for the target.
Change-Id: Idceb6bd663ca6ab3d38fa00e57ee74a25b784855
If the library couldn't be printed to the string, installd should fail
early instead of trying to chmod() back to uninitialized stat struct.
Bug: 3121721
Change-Id: I8a3604954ae657a1e07c1ad8d5569aa80aff9e0a
This will help legacy games that use dlopen() to directly access the
/data/data/<app>/lib directory before the
ApplicationInfo.nativeLibraryDir was part of the API.
Change-Id: Ie9f3e7239b6334708b5d086ffafe66a507f6d9da
Use int64_t because we're RPCing over to Java which uses a Long to
represent the filesystem space.
Change-Id: I842b2cf9f2ff8f980ff5895c1c8eb9ebefa1ea31
If a command to installd fails, it would be nice to know exactly why.
Log failures and the errno associated with the failures.
Change-Id: Ia3122675f243037c556d3a49d06da7e03b8c59f6
Add new remote method to check for insufficient error conditions.
Some fixes in MountService when updating media status on PackageManagerService
Fix size calculation condition in installd.
Add new error code if media is unavailable.
New tests for testing error codes.
Some additional debugging statements in MountService.
Change-Id: Ibfe90d5ed6c71d57f9c1c67806f38b5ae9ecdfbf
Use constants defined in PackageHelper for user preferences
to install auto, internal, external.
Set default install location to external.
Update settings db version number
Change-Id: Ib5110c9377990e20a48cee923e55898dfddfd1e6
change hard coded path in installd
fix tests
Work around for renaming containers.
Do forced unmount when destroying containers.
Force a gc in default container service to release handle to parsed package
and thus avoid getting killed by vold
Some cosmetic changes to PackageManager api.
Unit tests for renaming container for MountService
Remove internal size limit on app to be installed.
This adds three new features:
- <original-package android:name="com.foo" /> manifest tag.
This allows an .apk to specify another package it originally came from,
propagating all state and data from the old to new package.
- <adopt-permissions android:name="com.foo" /> manifest tag.
In some more complicated cases, a new .apk may be a combination
of multiple older .apks that each declared their own permissions.
This allows you to propagate the permissions from these other
.apks into the new one.
- A new system/etc/updatecmds directory.
You can place files here which describe data files to move from
one package to another. (See below for details.)
Also in this change: we now clean up the data directories of
.apks that disappear from the system image, and some improvements
to logging and reporting error messages.
A typical file in the updatecmds directory looks like this:
-------
com.google.android.gsf:com.google.android.providers.talk
databases/talk.db
com.google.android.gsf:com.google.android.googleapps
databases/gls.db
-------
This says that for com.google.android.sfs, there are two packages to
move files from:
From com.google.android.providers.talk, the file databases/talk.db.
From com.google.android.googleapps, the file databases/gls.db
As part of moving the file, its owner will be changed from the old
package to whoever is the owner of the new package's data directory.
If those two files had existed, after booting you would now have the
files:
/data/data/com.google.android.gsf/databases/talk.db
/data/data/com.google.android.gsf/databases/gls.db
Note that all three of these facilities assume that the older .apk
is completely removed from the newer system. The WILL NOT work
correctly if the older .apk still remains.
Add new remote interface to do temporary copies. The new
remote stub handling is done on mHandler thread and doesn't need locking
for now.
Add new InstallArgs class and subclasses to isolate cases for installation.
Move resource deletion for failed installs/upgrades to later on in installation
cycle.
Fix code path for forward locked apps when using scanPackageLI
TODO's
Fix installation paths to completely use InstallArgs based design later on.
Get rid of using flags in various install/uninstall code paths.
Ideally InstallArgs should be created using these flags and used in the
rest of the code.
Function renames.
Revisit mount api's.
to install an app on sdcard, just resources.
Add new install path for /asec in installd.
ignore . when checking for apk path since the sdcard packages id'ed
by package name.
Add new -s option to adb shell pm
Refactor fwd locked from scanMode to ApplicationInfo.
Add new flag for sd install
Add new parse flags for fwd locking and installing on sdcard
New mock api's in PackageManagerService to invoke MountService api's. These
will be refactored again and so have been wrapped internally.
Some error codes in PackageManager
Changes in PackageManagerService to use mPath and mScanPath during installation
and switch to using PackageParser.Package.applicationInfo attributes for
source and public resource directories.
Some known issues that will be addressed later
using system_uid for now. needs some tinkering with uid and packagesetting creation to use the actual app uid
error handling from vold not very robust. ignoring lot of things for now
sending a delayed destroy to delete packages. will revisit later
revisit temp file creation later. just copy for now
