1 on early-init 2 start ueventd 3 4 on init 5 6 sysclktz 0 7 8 loglevel 3 9 10 # setup the global environment 11 export PATH /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin 12 export LD_LIBRARY_PATH /vendor/lib:/system/lib 13 export ANDROID_BOOTLOGO 1 14 export ANDROID_ROOT /system 15 export ANDROID_ASSETS /system/app 16 export ANDROID_DATA /data 17 export EXTERNAL_STORAGE /mnt/sdcard 18 export ASEC_MOUNTPOINT /mnt/asec 19 export LOOP_MOUNTPOINT /mnt/obb 20 export BOOTCLASSPATH /system/framework/core.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/core-junit.jar 21 22 # Backward compatibility 23 symlink /system/etc /etc 24 symlink /sys/kernel/debug /d 25 26 # Right now vendor lives on the same filesystem as system, 27 # but someday that may change. 28 symlink /system/vendor /vendor 29 30 # create mountpoints 31 mkdir /mnt 0775 root system 32 mkdir /mnt/sdcard 0000 system system 33 34 # Create cgroup mount point for cpu accounting 35 mkdir /acct 36 mount cgroup none /acct cpuacct 37 mkdir /acct/uid 38 39 # Backwards Compat - XXX: Going away in G* 40 symlink /mnt/sdcard /sdcard 41 42 mkdir /system 43 mkdir /data 0771 system system 44 mkdir /cache 0770 system cache 45 mkdir /config 0500 root root 46 47 # Directory for putting things only root should see. 48 mkdir /mnt/secure 0700 root root 49 50 # Directory for staging bindmounts 51 mkdir /mnt/secure/staging 0700 root root 52 53 # Directory-target for where the secure container 54 # imagefile directory will be bind-mounted 55 mkdir /mnt/secure/asec 0700 root root 56 57 # Secure container public mount points. 58 mkdir /mnt/asec 0700 root system 59 mount tmpfs tmpfs /mnt/asec mode=0755,gid=1000 60 61 # Filesystem image public mount points. 62 mkdir /mnt/obb 0700 root system 63 mount tmpfs tmpfs /mnt/obb mode=0755,gid=1000 64 65 write /proc/sys/kernel/panic_on_oops 1 66 write /proc/sys/kernel/hung_task_timeout_secs 0 67 write /proc/cpu/alignment 4 68 write /proc/sys/kernel/sched_latency_ns 10000000 69 write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000 70 write /proc/sys/kernel/sched_compat_yield 1 71 write /proc/sys/kernel/sched_child_runs_first 0 72 73 # Create cgroup mount points for process groups 74 mkdir /dev/cpuctl 75 mount cgroup none /dev/cpuctl cpu 76 chown system system /dev/cpuctl 77 chown system system /dev/cpuctl/tasks 78 chmod 0777 /dev/cpuctl/tasks 79 write /dev/cpuctl/cpu.shares 1024 80 81 mkdir /dev/cpuctl/fg_boost 82 chown system system /dev/cpuctl/fg_boost/tasks 83 chmod 0777 /dev/cpuctl/fg_boost/tasks 84 write /dev/cpuctl/fg_boost/cpu.shares 1024 85 86 mkdir /dev/cpuctl/bg_non_interactive 87 chown system system /dev/cpuctl/bg_non_interactive/tasks 88 chmod 0777 /dev/cpuctl/bg_non_interactive/tasks 89 # 5.0 % 90 write /dev/cpuctl/bg_non_interactive/cpu.shares 52 91 92 on fs 93 # mount mtd partitions 94 # Mount /system rw first to give the filesystem a chance to save a checkpoint 95 mount yaffs2 mtd@system /system 96 mount yaffs2 mtd@system /system ro remount 97 mount yaffs2 mtd@userdata /data nosuid nodev 98 mount yaffs2 mtd@cache /cache nosuid nodev 99 100 on post-fs 101 # once everything is setup, no need to modify / 102 mount rootfs rootfs / ro remount 103 104 # We chown/chmod /data again so because mount is run as root + defaults 105 chown system system /data 106 chmod 0771 /data 107 108 # Create dump dir and collect dumps. 109 # Do this before we mount cache so eventually we can use cache for 110 # storing dumps on platforms which do not have a dedicated dump partition. 111 112 mkdir /data/dontpanic 113 chown root log /data/dontpanic 114 chmod 0750 /data/dontpanic 115 116 # Collect apanic data, free resources and re-arm trigger 117 copy /proc/apanic_console /data/dontpanic/apanic_console 118 chown root log /data/dontpanic/apanic_console 119 chmod 0640 /data/dontpanic/apanic_console 120 121 copy /proc/apanic_threads /data/dontpanic/apanic_threads 122 chown root log /data/dontpanic/apanic_threads 123 chmod 0640 /data/dontpanic/apanic_threads 124 125 write /proc/apanic_console 1 126 127 # Same reason as /data above 128 chown system cache /cache 129 chmod 0770 /cache 130 131 # This may have been created by the recovery system with odd permissions 132 chown system cache /cache/recovery 133 chmod 0770 /cache/recovery 134 135 #change permissions on vmallocinfo so we can grab it from bugreports 136 chown root log /proc/vmallocinfo 137 chmod 0440 /proc/vmallocinfo 138 139 #change permissions on kmsg & sysrq-trigger so bugreports can grab kthread stacks 140 chown root system /proc/kmsg 141 chmod 0440 /proc/kmsg 142 chown root system /proc/sysrq-trigger 143 chmod 0220 /proc/sysrq-trigger 144 145 # create basic filesystem structure 146 mkdir /data/misc 01771 system misc 147 mkdir /data/misc/bluetoothd 0770 bluetooth bluetooth 148 mkdir /data/misc/bluetooth 0770 system system 149 mkdir /data/misc/keystore 0700 keystore keystore 150 mkdir /data/misc/vpn 0770 system system 151 mkdir /data/misc/systemkeys 0700 system system 152 mkdir /data/misc/vpn/profiles 0770 system system 153 # give system access to wpa_supplicant.conf for backup and restore 154 mkdir /data/misc/wifi 0770 wifi wifi 155 chmod 0770 /data/misc/wifi 156 chmod 0660 /data/misc/wifi/wpa_supplicant.conf 157 mkdir /data/local 0771 shell shell 158 mkdir /data/local/tmp 0771 shell shell 159 mkdir /data/data 0771 system system 160 mkdir /data/app-private 0771 system system 161 mkdir /data/app 0771 system system 162 mkdir /data/property 0700 root root 163 164 # create dalvik-cache and double-check the perms 165 mkdir /data/dalvik-cache 0771 system system 166 chown system system /data/dalvik-cache 167 chmod 0771 /data/dalvik-cache 168 169 # create the lost+found directories, so as to enforce our permissions 170 mkdir /data/lost+found 0770 171 mkdir /cache/lost+found 0770 172 173 # double check the perms, in case lost+found already exists, and set owner 174 chown root root /data/lost+found 175 chmod 0770 /data/lost+found 176 chown root root /cache/lost+found 177 chmod 0770 /cache/lost+found 178 179 on boot 180 # basic network init 181 ifup lo 182 hostname localhost 183 domainname localdomain 184 185 # set RLIMIT_NICE to allow priorities from 19 to -20 186 setrlimit 13 40 40 187 188 # Define the oom_adj values for the classes of processes that can be 189 # killed by the kernel. These are used in ActivityManagerService. 190 setprop ro.FOREGROUND_APP_ADJ 0 191 setprop ro.VISIBLE_APP_ADJ 1 192 setprop ro.PERCEPTIBLE_APP_ADJ 2 193 setprop ro.HEAVY_WEIGHT_APP_ADJ 3 194 setprop ro.SECONDARY_SERVER_ADJ 4 195 setprop ro.BACKUP_APP_ADJ 5 196 setprop ro.HOME_APP_ADJ 6 197 setprop ro.HIDDEN_APP_MIN_ADJ 7 198 setprop ro.EMPTY_APP_ADJ 15 199 200 # Define the memory thresholds at which the above process classes will 201 # be killed. These numbers are in pages (4k). 202 setprop ro.FOREGROUND_APP_MEM 2048 203 setprop ro.VISIBLE_APP_MEM 3072 204 setprop ro.PERCEPTIBLE_APP_MEM 4096 205 setprop ro.HEAVY_WEIGHT_APP_MEM 4096 206 setprop ro.SECONDARY_SERVER_MEM 6144 207 setprop ro.BACKUP_APP_MEM 6144 208 setprop ro.HOME_APP_MEM 6144 209 setprop ro.HIDDEN_APP_MEM 7168 210 setprop ro.EMPTY_APP_MEM 8192 211 212 # Write value must be consistent with the above properties. 213 # Note that the driver only supports 6 slots, so we have combined some of 214 # the classes into the same memory level; the associated processes of higher 215 # classes will still be killed first. 216 write /sys/module/lowmemorykiller/parameters/adj 0,1,2,4,7,15 217 218 write /proc/sys/vm/overcommit_memory 1 219 write /proc/sys/vm/min_free_order_shift 4 220 write /sys/module/lowmemorykiller/parameters/minfree 2048,3072,4096,6144,7168,8192 221 222 # Set init its forked children's oom_adj. 223 write /proc/1/oom_adj -16 224 225 # Tweak background writeout 226 write /proc/sys/vm/dirty_expire_centisecs 200 227 write /proc/sys/vm/dirty_background_ratio 5 228 229 # Permissions for System Server and daemons. 230 chown radio system /sys/android_power/state 231 chown radio system /sys/android_power/request_state 232 chown radio system /sys/android_power/acquire_full_wake_lock 233 chown radio system /sys/android_power/acquire_partial_wake_lock 234 chown radio system /sys/android_power/release_wake_lock 235 chown radio system /sys/power/state 236 chown radio system /sys/power/wake_lock 237 chown radio system /sys/power/wake_unlock 238 chmod 0660 /sys/power/state 239 chmod 0660 /sys/power/wake_lock 240 chmod 0660 /sys/power/wake_unlock 241 chown system system /sys/class/timed_output/vibrator/enable 242 chown system system /sys/class/leds/keyboard-backlight/brightness 243 chown system system /sys/class/leds/lcd-backlight/brightness 244 chown system system /sys/class/leds/button-backlight/brightness 245 chown system system /sys/class/leds/jogball-backlight/brightness 246 chown system system /sys/class/leds/red/brightness 247 chown system system /sys/class/leds/green/brightness 248 chown system system /sys/class/leds/blue/brightness 249 chown system system /sys/class/leds/red/device/grpfreq 250 chown system system /sys/class/leds/red/device/grppwm 251 chown system system /sys/class/leds/red/device/blink 252 chown system system /sys/class/leds/red/brightness 253 chown system system /sys/class/leds/green/brightness 254 chown system system /sys/class/leds/blue/brightness 255 chown system system /sys/class/leds/red/device/grpfreq 256 chown system system /sys/class/leds/red/device/grppwm 257 chown system system /sys/class/leds/red/device/blink 258 chown system system /sys/class/timed_output/vibrator/enable 259 chown system system /sys/module/sco/parameters/disable_esco 260 chown system system /sys/kernel/ipv4/tcp_wmem_min 261 chown system system /sys/kernel/ipv4/tcp_wmem_def 262 chown system system /sys/kernel/ipv4/tcp_wmem_max 263 chown system system /sys/kernel/ipv4/tcp_rmem_min 264 chown system system /sys/kernel/ipv4/tcp_rmem_def 265 chown system system /sys/kernel/ipv4/tcp_rmem_max 266 chown root radio /proc/cmdline 267 268 # Define TCP buffer sizes for various networks 269 # ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax, 270 setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208 271 setprop net.tcp.buffersize.wifi 4095,87380,110208,4096,16384,110208 272 setprop net.tcp.buffersize.umts 4094,87380,110208,4096,16384,110208 273 setprop net.tcp.buffersize.edge 4093,26280,35040,4096,16384,35040 274 setprop net.tcp.buffersize.gprs 4092,8760,11680,4096,8760,11680 275 276 class_start default 277 278 ## Daemon processes to be run by init. 279 ## 280 service ueventd /sbin/ueventd 281 critical 282 283 service console /system/bin/sh 284 console 285 disabled 286 user shell 287 group log 288 289 on property:ro.secure=0 290 start console 291 292 # adbd is controlled by the persist.service.adb.enable system property 293 service adbd /sbin/adbd 294 disabled 295 296 # adbd on at boot in emulator 297 on property:ro.kernel.qemu=1 298 start adbd 299 300 on property:persist.service.adb.enable=1 301 start adbd 302 303 on property:persist.service.adb.enable=0 304 stop adbd 305 306 service servicemanager /system/bin/servicemanager 307 user system 308 critical 309 onrestart restart zygote 310 onrestart restart media 311 312 service vold /system/bin/vold 313 socket vold stream 0660 root mount 314 ioprio be 2 315 316 service netd /system/bin/netd 317 socket netd stream 0660 root system 318 319 service debuggerd /system/bin/debuggerd 320 321 service ril-daemon /system/bin/rild 322 socket rild stream 660 root radio 323 socket rild-debug stream 660 radio system 324 user root 325 group radio cache inet misc audio sdcard_rw 326 327 service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server 328 socket zygote stream 666 329 onrestart write /sys/android_power/request_state wake 330 onrestart write /sys/power/state on 331 onrestart restart media 332 onrestart restart netd 333 334 service media /system/bin/mediaserver 335 user media 336 group system audio camera graphics inet net_bt net_bt_admin net_raw 337 ioprio rt 4 338 339 service bootanim /system/bin/bootanimation 340 user graphics 341 group graphics 342 disabled 343 oneshot 344 345 service dbus /system/bin/dbus-daemon --system --nofork 346 socket dbus stream 660 bluetooth bluetooth 347 user bluetooth 348 group bluetooth net_bt_admin 349 350 service bluetoothd /system/bin/bluetoothd -n 351 socket bluetooth stream 660 bluetooth bluetooth 352 socket dbus_bluetooth stream 660 bluetooth bluetooth 353 # init.rc does not yet support applying capabilities, so run as root and 354 # let bluetoothd drop uid to bluetooth with the right linux capabilities 355 group bluetooth net_bt_admin misc 356 disabled 357 358 service hfag /system/bin/sdptool add --channel=10 HFAG 359 user bluetooth 360 group bluetooth net_bt_admin 361 disabled 362 oneshot 363 364 service hsag /system/bin/sdptool add --channel=11 HSAG 365 user bluetooth 366 group bluetooth net_bt_admin 367 disabled 368 oneshot 369 370 service opush /system/bin/sdptool add --channel=12 OPUSH 371 user bluetooth 372 group bluetooth net_bt_admin 373 disabled 374 oneshot 375 376 service pbap /system/bin/sdptool add --channel=19 PBAP 377 user bluetooth 378 group bluetooth net_bt_admin 379 disabled 380 oneshot 381 382 service installd /system/bin/installd 383 socket installd stream 600 system system 384 385 service flash_recovery /system/etc/install-recovery.sh 386 oneshot 387 388 service racoon /system/bin/racoon 389 socket racoon stream 600 system system 390 # racoon will setuid to vpn after getting necessary resources. 391 group net_admin 392 disabled 393 oneshot 394 395 service mtpd /system/bin/mtpd 396 socket mtpd stream 600 system system 397 user vpn 398 group vpn net_admin net_raw 399 disabled 400 oneshot 401 402 service keystore /system/bin/keystore /data/misc/keystore 403 user keystore 404 group keystore 405 socket keystore stream 666 406 407 service dumpstate /system/bin/dumpstate -s 408 socket dumpstate stream 0660 shell log 409 disabled 410 oneshot 411
