commit a0ee51ef1207108de4d5732058f38d981c5e85db
author Jorge Lucangeli Obes <jorgelo@google.com> Wed Jan 06 13:19:25 2016 -0800
committer Jorge Lucangeli Obes <jorgelo@google.com> Wed Jan 06 13:19:25 2016 -0800
tree db2415d5e013cc952650b8a5e7a0f6b893824cb7
parent 1e423d2f3622377f37042acb9562264b56d652ed

Use specific users for metricsd/metrics_collector.

/data/misc/metricsd only needs to be accessed by metricsd.
/data/misc/metrics_collector only needs to be accessed by
metrics_collector.

/data/misc/metrics needs to be writable by metrics_collector
and readable by metricsd. Make it 0750 metrics_collector:system
and keep running metricsd as group 'system' to allow reading.

Bug: 26337609
Change-Id: I169573cc547f154daa8b65c5f13bdc20964a3f2c

metricsd/metrics_collector.rc

diff --git a/metricsd/metrics_collector.rc b/metricsd/metrics_collector.rc
index 2e7e0ae..3dcb2d7 100644
--- a/metricsd/metrics_collector.rc
+++ b/metricsd/metrics_collector.rc
@@ -1,4 +1,4 @@
 service metricscollector /system/bin/metrics_collector --foreground --logtosyslog
     class late_start
-    user system
-    group system dbus
+    user metrics_coll
+    group metrics_coll dbus

metricsd/metricsd.rc

diff --git a/metricsd/metricsd.rc b/metricsd/metricsd.rc
index 359d0d1..825c87f 100644
--- a/metricsd/metricsd.rc
+++ b/metricsd/metricsd.rc
@@ -1,9 +1,9 @@
 on post-fs-data
-    mkdir /data/misc/metrics 0770 system system
-    mkdir /data/misc/metricsd 0700 system system
-    mkdir /data/misc/metrics_collector 0700 system system
+    mkdir /data/misc/metrics 0750 metrics_coll system
+    mkdir /data/misc/metricsd 0700 metricsd metricsd
+    mkdir /data/misc/metrics_collector 0700 metrics_coll metrics_coll
 
 service metricsd /system/bin/metricsd --foreground --logtosyslog
     class late_start
-    user system
+    user metricsd
     group system dbus inet