Fix multiuser mode
parent
40b6de599c
commit
875c687e3f
38
db.c
38
db.c
@ -60,6 +60,8 @@ static int settings_callback(void *v, int argc, char **argv, char **azColName) {
|
|||||||
|
|
||||||
void database_check(struct su_context *ctx) {
|
void database_check(struct su_context *ctx) {
|
||||||
sqlite3 *db = NULL;
|
sqlite3 *db = NULL;
|
||||||
|
int ret;
|
||||||
|
char query[512], *err = NULL;
|
||||||
|
|
||||||
// Set default values
|
// Set default values
|
||||||
ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB;
|
ctx->info->root_access = ROOT_ACCESS_APPS_AND_ADB;
|
||||||
@ -67,33 +69,57 @@ void database_check(struct su_context *ctx) {
|
|||||||
ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER;
|
ctx->info->mnt_ns = NAMESPACE_MODE_REQUESTER;
|
||||||
ctx->info->policy = QUERY;
|
ctx->info->policy = QUERY;
|
||||||
|
|
||||||
|
// First query the from app data
|
||||||
// Check if file is readable
|
// Check if file is readable
|
||||||
if (access(ctx->user.database_path, R_OK) == -1)
|
if (access(APP_DATA_PATH REQUESTOR_DATABASE_PATH, R_OK) == -1)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
// Open database
|
// Open database
|
||||||
int ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL);
|
ret = sqlite3_open_v2(APP_DATA_PATH REQUESTOR_DATABASE_PATH, &db, SQLITE_OPEN_READONLY, NULL);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
|
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
|
||||||
sqlite3_close(db);
|
sqlite3_close(db);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
char query[512], *err = NULL;
|
// Check multiuser mode settings
|
||||||
|
snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key='%s'", MULTIUSER_MODE_ENTRY);
|
||||||
|
sqlite3_exec(db, query, settings_callback, ctx, &err);
|
||||||
|
|
||||||
|
err = NULL;
|
||||||
|
|
||||||
|
if (ctx->user.android_user_id != 0 && ctx->info->multiuser_mode == MULTIUSER_MODE_USER) {
|
||||||
|
sqlite3_close(db);
|
||||||
|
// Check if file is readable
|
||||||
|
if (access(ctx->user.database_path, R_OK) == -1)
|
||||||
|
return;
|
||||||
|
|
||||||
|
// Open database
|
||||||
|
ret = sqlite3_open_v2(ctx->user.database_path, &db, SQLITE_OPEN_READONLY, NULL);
|
||||||
|
if (ret) {
|
||||||
|
LOGD("sqlite3 open failure: %s\n", sqlite3_errstr(ret));
|
||||||
|
sqlite3_close(db);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Query for policy
|
// Query for policy
|
||||||
snprintf(query, sizeof(query), "SELECT policy, until FROM policies WHERE uid=%d", ctx->info->uid % 100000);
|
snprintf(query, sizeof(query), "SELECT policy, until FROM policies WHERE uid=%d", ctx->info->uid % 100000);
|
||||||
sqlite3_exec(db, query, policy_callback, ctx, &err);
|
sqlite3_exec(db, query, policy_callback, ctx, &err);
|
||||||
if (err != NULL)
|
if (err != NULL) {
|
||||||
LOGE("sqlite3_exec: %s\n", err);
|
LOGE("sqlite3_exec: %s\n", err);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
err = NULL;
|
err = NULL;
|
||||||
|
|
||||||
// Query for settings
|
// Query for settings
|
||||||
snprintf(query, sizeof(query), "SELECT key, value FROM settings");
|
snprintf(query, sizeof(query), "SELECT key, value FROM settings WHERE key!='%s'", MULTIUSER_MODE_ENTRY);
|
||||||
sqlite3_exec(db, query, settings_callback, ctx, &err);
|
sqlite3_exec(db, query, settings_callback, ctx, &err);
|
||||||
if (err != NULL)
|
if (err != NULL) {
|
||||||
LOGE("sqlite3_exec: %s\n", err);
|
LOGE("sqlite3_exec: %s\n", err);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
sqlite3_close(db);
|
sqlite3_close(db);
|
||||||
}
|
}
|
||||||
|
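Review bot: The two new early returns in `if (err != NULL) { ... return; }` leave `database_check` without calling `sqlite3_close(db)`, and the message sqlite3_exec allocated into `err` is never released; both blocks should end with `sqlite3_free(err); sqlite3_close(db); return;` after the `LOGE` call. The multiuser-mode lookup added above them has the opposite problem: its `err` is reset with `err = NULL` without being logged or freed, so a failed lookup silently leaves `multiuser_mode` at its previous value, and that value then decides whether the per-user database is opened. A short comment there saying that the mode is read only from the `APP_DATA_PATH` database, and that the later `WHERE key!='%s'` filter appears intended to stop a per-user database from overriding it, would make the trust boundary explicit. One line of the function between the two hunks is not shown on the page.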
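--- a/su.h
+++ b/su.h
@@ -89,12 +89,6 @@ struct su_user_info {
 // the user in android userspace (multiuser)
 // that invoked this action.
 unsigned android_user_id;
-// path to superuser directory. this is populated according
-// to the multiuser mode.
-// this is used to check uid/gid for protecting socket.
-// this is used instead of database, as it is more likely
-// to exist. db will not exist if su has never launched.
-char base_path[PATH_MAX];
 // path to su database. this is populated according
 // to the multiuser mode.
 char database_path[PATH_MAX];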
@ -155,11 +155,9 @@ void su_daemon_receiver(int client) {
|
|||||||
|
|
||||||
snprintf(su_ctx->user.database_path, PATH_MAX, "%s/%d/%s",
|
snprintf(su_ctx->user.database_path, PATH_MAX, "%s/%d/%s",
|
||||||
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR_DATABASE_PATH);
|
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR_DATABASE_PATH);
|
||||||
snprintf(su_ctx->user.base_path, PATH_MAX, "%s/%d/%s",
|
|
||||||
USER_DATA_PATH, su_ctx->user.android_user_id, REQUESTOR);
|
|
||||||
|
|
||||||
// verify if Magisk Manager is installed
|
// verify if Magisk Manager is installed
|
||||||
xstat(su_ctx->user.base_path, &su_ctx->st);
|
xstat(APP_DATA_PATH REQUESTOR, &su_ctx->st);
|
||||||
// odd perms on superuser data dir
|
// odd perms on superuser data dir
|
||||||
if (su_ctx->st.st_gid != su_ctx->st.st_uid) {
|
if (su_ctx->st.st_gid != su_ctx->st.st_uid) {
|
||||||
LOGE("Bad uid/gid %d/%d for Superuser Requestor application", su_ctx->st.st_uid, su_ctx->st.st_gid);
|
LOGE("Bad uid/gid %d/%d for Superuser Requestor application", su_ctx->st.st_uid, su_ctx->st.st_gid);
|
||||||
|
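Review bot: The ownership check that follows `xstat(APP_DATA_PATH REQUESTOR, &su_ctx->st)` now always inspects one fixed directory, while `database_path` two lines above is still built from `android_user_id`, so for a secondary user the stat result and the database can describe different installs of the manager. The comment removed from su.h said the base path's uid/gid was used to protect the socket; if `su_ctx->st.st_uid` still serves that purpose further down (not visible in this hunk), it would now presumably carry the primary user's app uid for every caller, and that should be confirmed and recorded in a comment such as `// intentionally stat the APP_DATA_PATH copy; st is not per-user any more`. The return value of `xstat` is not checked in the visible lines, so unless the wrapper aborts on failure, the uid/gid comparison would run on whatever `st` held before. su_daemon_receiver starts and ends outside the hunk.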