Automation: Split into two service
1. setup adb requires system permssion
2. wizard and other setup requires root permssions
Issue: FP3-A11#130
Change-Id: Iba2aedded8e8811425dddde9e4ce56758ec2f93d
diff --git a/automation_setup/Android.bp b/automation_setup/Android.bp
index 8079e10..7715903 100644
--- a/automation_setup/Android.bp
+++ b/automation_setup/Android.bp
@@ -10,3 +10,9 @@
srcs: ["automation_setup.sh"],
init_rc: ["automation_setup.rc"],
}
+
+cc_prebuilt_binary {
+ name: "automation_adb_setup",
+
+ srcs: ["automation_adb_setup.sh"],
+}
diff --git a/automation_setup/automation_adb_setup.sh b/automation_setup/automation_adb_setup.sh
new file mode 100644
index 0000000..13a073b
--- /dev/null
+++ b/automation_setup/automation_adb_setup.sh
@@ -0,0 +1,16 @@
+#!/system/bin/sh
+
+# Check if this script should trigger, exit quietly otherwise.
+if [ ! -f /data/userdata_automation/trigger ]; then
+ echo >&2 "+++ SKIPPING automation adb setup for ATS. Trigger not set. +++"
+ exit 0
+fi
+
+# Move supplied adb public key to correct directory
+# Must run under system user to match owner of /data/misc/adb/.
+mv -v /data/userdata_automation/adb_keys /data/misc/adb/adb_keys
+chown -v 1000:2000 /data/misc/adb/adb_keys
+# Enable adb, system property part
+setprop persist.sys.usb.config adb
+
+echo >&2 "+++ TRIGGERING AUTOMATION ADB SETUP FOR ATS DONE +++"
diff --git a/automation_setup/automation_setup.rc b/automation_setup/automation_setup.rc
index 4e54ab8..2374d96 100644
--- a/automation_setup/automation_setup.rc
+++ b/automation_setup/automation_setup.rc
@@ -5,10 +5,18 @@
#
on load_persist_props_action
+ start automation_adb_setup
start automation_setup
+service automation_adb_setup /system/bin/automation_adb_setup
+ user system
+ group root
+ stdio_to_kmsg
+ oneshot
+ disabled
+
service automation_setup /system/bin/automation_setup
- user system
+ user root
group root
stdio_to_kmsg
oneshot
diff --git a/automation_setup/automation_setup.sh b/automation_setup/automation_setup.sh
index 4b80fae..decf742 100644
--- a/automation_setup/automation_setup.sh
+++ b/automation_setup/automation_setup.sh
@@ -15,12 +15,10 @@
# Output on stderr, to be picked up via stdio_to_kmsg on kmsg.
echo >&2 "+++ TRIGGERING AUTOMATION SETUP FOR ATS +++"
-# Move supplied adb public key to correct directory
-mv -v /data/userdata_automation/adb_keys /data/misc/adb/adb_keys
-chown -v 1000:2000 /data/misc/adb/adb_keys
+# Following `settings put` calls must run as root from Android 11 on. The
+# `system` user doesn't have enough permissions.
-# Enable adb
-setprop persist.sys.usb.config adb
+# Enable adb, system settings part
settings_put global development_settings_enabled 1
settings_put global verifier_verify_adb_installs 0
settings_put global adb_enabled 1
diff --git a/sepolicy/vendor/automation_setup/file_contexts b/sepolicy/vendor/automation_setup/file_contexts
index 3352aac..124322b 100644
--- a/sepolicy/vendor/automation_setup/file_contexts
+++ b/sepolicy/vendor/automation_setup/file_contexts
@@ -4,5 +4,6 @@
# SPDX-License-Identifier: Apache-2.0
#
-/system/bin/automation_setup u:object_r:automation_setup_exec:s0
-/data/userdata_automation(/.*)? u:object_r:userdata_automation_file:s0
+/system/bin/automation_setup u:object_r:automation_setup_exec:s0
+/system/bin/automation_adb_setup u:object_r:automation_setup_exec:s0
+/data/userdata_automation(/.*)? u:object_r:userdata_automation_file:s0