Shell script on boot
204 views
Skip to first unread message
Alexis LE GOFF
Jan 14, 2016, 6:42:53 PM1/14/16
to android-porting
Dears,
I am developing a connected object based on Android. I'm developing on
Nexus7 (Tilapia) with Android 5.1. What I want to do is very basic: I
want to set firewall rules on the image. So I did this:
in the `on boot` section of init.grouper.rc I added this
start myproject-setup
and then at the end of init.grouper.rc:
service myproject-setup system/etc/init.myproject.sh
user root
group root
oneshot
in the init.myproject.sh I put all the iptables rules. this file is
executable (I set it in android_filesystem_config.h)
Problem: this was working perfectly with Android 4.4.4 but with
Android 5.1 nothing happens. Iptables rules are not set. I can
manually set these rules by running /system/etc/init.myproject.sh but
I want these iptables rules set at startup automatically.
How can I debug this? What've changed in Android 5 that could be
linked to my issue?
I am developing a connected object based on Android. I'm developing on
Nexus7 (Tilapia) with Android 5.1. What I want to do is very basic: I
want to set firewall rules on the image. So I did this:
in the `on boot` section of init.grouper.rc I added this
start myproject-setup
and then at the end of init.grouper.rc:
service myproject-setup system/etc/init.myproject.sh
user root
group root
oneshot
in the init.myproject.sh I put all the iptables rules. this file is
executable (I set it in android_filesystem_config.h)
Problem: this was working perfectly with Android 4.4.4 but with
Android 5.1 nothing happens. Iptables rules are not set. I can
manually set these rules by running /system/etc/init.myproject.sh but
I want these iptables rules set at startup automatically.
How can I debug this? What've changed in Android 5 that could be
linked to my issue?
游昌宁
Jan 15, 2016, 1:47:12 PM1/15/16
to alexis...@gmail.com, android-porting
Hi, Alexis:
You should check logcat/dmesg to see if there have any "avc: denied" log related to your service.
And also you could add log to your script, something like 【log -t MYPROJECT "xxxxxxxxxxxxxx log xxxxxxxxxx"】, and then check out if it is executed.
--
--
unsubscribe: android-porti...@googlegroups.com
website: http://groups.google.com/group/android-porting
---
You received this message because you are subscribed to the Google Groups "android-porting" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-porti...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Alexis LE GOFF
Jan 17, 2016, 1:58:53 PM1/17/16
to android-porting, alexis...@gmail.com
Thanks, good idea!
I added this line just after all the iptables rules in my shell script file:
log -t MYPROJECT $(iptables -vnL INPUT 2>&1 >/dev/null)
and the result is
iptables v1.4.20: can't initialize iptables table `filter': Permission denied Perhaps iptables or your kernel needs to be upgraded.
This is strange because after bood when I run my script from shell manually it works great. No iptables errors
Any idea?
Gary A
Feb 1, 2016, 11:56:43 AM2/1/16
to android-porting, alexis...@gmail.com
I'd check for the "avc: denied" log as previously mentioned; if you have selinux=enforced...
I take it an init.d script wouldn't work here / isn't supported? That would work I think if the system starts in SELinux enforced and switches to permissive late (thus allowing you to manually execute it)
I take it an init.d script wouldn't work here / isn't supported? That would work I think if the system starts in SELinux enforced and switches to permissive late (thus allowing you to manually execute it)
Reply all
Reply to author
Forward
0 new messages