mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-11-30 21:45:27 +00:00
Improve multiuser notifications
This commit is contained in:
parent
94c2fc80d2
commit
3395c84560
65
activity.c
65
activity.c
@ -39,16 +39,17 @@ static void silent_run(char* const args[]) {
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
static void setup_user(struct su_context *ctx, char* user) {
|
||||
static int setup_user(struct su_context *ctx, char* user) {
|
||||
switch (ctx->user.multiuser_mode) {
|
||||
case MULTIUSER_MODE_OWNER_ONLY: /* Should already be denied if not owner */
|
||||
case MULTIUSER_MODE_OWNER_MANAGED:
|
||||
sprintf(user, "%d", 0);
|
||||
break;
|
||||
return ctx->user.android_user_id;
|
||||
case MULTIUSER_MODE_USER:
|
||||
sprintf(user, "%d", ctx->user.android_user_id);
|
||||
break;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
void app_send_result(struct su_context *ctx, policy_t policy) {
|
||||
@ -62,11 +63,17 @@ void app_send_result(struct su_context *ctx, policy_t policy) {
|
||||
sprintf(pid, "%d", ctx->from.pid);
|
||||
|
||||
char user[16];
|
||||
setup_user(ctx, user);
|
||||
int notify = setup_user(ctx, user);
|
||||
|
||||
// Send notice to manager, enable logging
|
||||
char *result_command[] = {
|
||||
AM_PATH,
|
||||
ACTION_RESULT,
|
||||
"--user",
|
||||
user,
|
||||
"--ei",
|
||||
"mode",
|
||||
"0",
|
||||
"--ei",
|
||||
"from.uid",
|
||||
fromUid,
|
||||
@ -82,27 +89,65 @@ void app_send_result(struct su_context *ctx, policy_t policy) {
|
||||
"--es",
|
||||
"action",
|
||||
policy == ALLOW ? "allow" : "deny",
|
||||
"--user",
|
||||
user,
|
||||
NULL
|
||||
};
|
||||
silent_run(result_command);
|
||||
|
||||
// Send notice to user (if needed) to create toasts
|
||||
if (notify) {
|
||||
sprintf(user, "%d", notify);
|
||||
char *notify_command[] = {
|
||||
AM_PATH,
|
||||
ACTION_RESULT,
|
||||
"--user",
|
||||
user,
|
||||
"--ei",
|
||||
"mode",
|
||||
"1",
|
||||
"--ei",
|
||||
"from.uid",
|
||||
fromUid,
|
||||
"--es",
|
||||
"action",
|
||||
policy == ALLOW ? "allow" : "deny",
|
||||
NULL
|
||||
};
|
||||
silent_run(notify_command);
|
||||
}
|
||||
}
|
||||
|
||||
void app_send_request(struct su_context *ctx) {
|
||||
char user[64];
|
||||
setup_user(ctx, user);
|
||||
char user[16];
|
||||
int notify = setup_user(ctx, user);
|
||||
|
||||
char *request_command[] = {
|
||||
AM_PATH,
|
||||
ACTION_REQUEST,
|
||||
"--user",
|
||||
user,
|
||||
"--es",
|
||||
"socket",
|
||||
ctx->sock_path,
|
||||
"--user",
|
||||
user,
|
||||
"--ez",
|
||||
"timeout",
|
||||
notify ? "false" : "true",
|
||||
NULL
|
||||
};
|
||||
|
||||
silent_run(request_command);
|
||||
|
||||
// Send notice to user to tell them root is managed by owner
|
||||
if (notify) {
|
||||
sprintf(user, "%d", notify);
|
||||
char *notify_command[] = {
|
||||
AM_PATH,
|
||||
ACTION_RESULT,
|
||||
"--user",
|
||||
user,
|
||||
"--ei",
|
||||
"mode",
|
||||
"2",
|
||||
NULL
|
||||
};
|
||||
silent_run(notify_command);
|
||||
}
|
||||
}
|
||||
|
13
su.c
13
su.c
@ -273,7 +273,7 @@ int su_daemon_main(int argc, char **argv) {
|
||||
printf("Owner managed: Only owner can manage root access and receive request prompts\n");
|
||||
break;
|
||||
case MULTIUSER_MODE_OWNER_ONLY:
|
||||
printf("User independent: The user has its own separate root rules\n");
|
||||
printf("User independent: Each user has its own separate root rules\n");
|
||||
break;
|
||||
}
|
||||
exit(EXIT_SUCCESS);
|
||||
@ -336,6 +336,11 @@ int su_daemon_main(int argc, char **argv) {
|
||||
// verify if Magisk Manager is installed
|
||||
xstat(ctx.user.base_path, &st);
|
||||
|
||||
// always allow if this is Magisk Manager
|
||||
if (ctx.from.uid == (st.st_uid % 100000)) {
|
||||
allow();
|
||||
}
|
||||
|
||||
// odd perms on superuser data dir
|
||||
if (st.st_gid != st.st_uid) {
|
||||
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
|
||||
@ -368,12 +373,6 @@ int su_daemon_main(int argc, char **argv) {
|
||||
setprop(ROOT_ACCESS_PROP, xstr(ROOT_ACCESS_APPS_AND_ADB));
|
||||
}
|
||||
|
||||
// always allow if this is the superuser uid
|
||||
// superuser needs to be able to reenable itself when disabled...
|
||||
if (ctx.from.uid == st.st_uid) {
|
||||
allow();
|
||||
}
|
||||
|
||||
// Allow root to start root
|
||||
if (ctx.from.uid == UID_ROOT) {
|
||||
allow();
|
||||
|
Loading…
Reference in New Issue
Block a user