diff options
author | Peter Collingbourne <pcc@google.com> | 2024-03-12 17:55:18 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-03-12 17:55:18 +0000 |
commit | 7551cc8648b1d93db333976deb75749410d6ffbc (patch) | |
tree | 1b3d590c67e0ef8568162e84c96d6cfbba6e9691 | |
parent | a21f7a625a0673175190b141ed8d04806db26504 (diff) | |
parent | fc3fd76d6d0451567c809692dda0b7e87853208a (diff) | |
download | adb-7551cc8648b1d93db333976deb75749410d6ffbc.tar.gz |
Merge "Revert "adb: Do not use fs_config unless we are root."" into main
-rw-r--r-- | daemon/file_sync_service.cpp | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/daemon/file_sync_service.cpp b/daemon/file_sync_service.cpp index a549beee..5891d30e 100644 --- a/daemon/file_sync_service.cpp +++ b/daemon/file_sync_service.cpp @@ -68,9 +68,14 @@ using android::base::Dirname; using android::base::Realpath; using android::base::StringPrintf; -static bool should_use_fs_config() { - // Only root has the necessary permissions to be able to apply fs_config. - return getuid() == 0; +static bool should_use_fs_config(const std::string& path) { +#if defined(__ANDROID__) + // TODO: use fs_config to configure permissions on /data too. + return !android::base::StartsWith(path, "/data/"); +#else + UNUSED(path); + return false; +#endif } static bool update_capabilities(const char* path, uint64_t capabilities) { @@ -114,7 +119,7 @@ static bool secure_mkdirs(const std::string& path) { } partial_path += path_component; - if (should_use_fs_config()) { + if (should_use_fs_config(partial_path)) { adbd_fs_config(partial_path.c_str(), 1, nullptr, &uid, &gid, &mode, &capabilities); } if (adb_mkdir(partial_path.c_str(), mode) == -1) { @@ -525,7 +530,7 @@ static bool send_impl(int s, const std::string& path, mode_t mode, CompressionTy uid_t uid = -1; gid_t gid = -1; uint64_t capabilities = 0; - if (should_use_fs_config() && !dry_run) { + if (should_use_fs_config(path) && !dry_run) { adbd_fs_config(path.c_str(), 0, nullptr, &uid, &gid, &mode, &capabilities); } |