Running shell file at the time of booting using service of init

Which Khadas SBC do you use?

KVIM3

Which system do you use? Android, Ubuntu, OOWOW or others?

Android

Which version of system do you use? Khadas official images, self built images, or others?

selfbuilt images aosp9 — user build (no super user binaries are there)

Please describe your issue below:

I did a user build for aosp9 so will not have su binaries for build, I want to assign persistent static ip to ehternet eth0 for my khadas vim3 sbc. For that I want to run the shell file below every time when vim3 get booted up to configure static ip to vim3 (note: I am able to do this for RPi-4 (user debug build - su binaries are present) with similar kind of procedure)

device/khadas/kvim3/staticaddr/staticaddr.sh :

#!/system/bin/sh
# Add the IP address to the eth0 interface
ip addr add 192.168.43.0/24 dev eth0

# Check if the command was successful
if [ $? -eq 0 ]; then
  echo "IP address added successfully."
else
  echo "Failed to add IP address."
fi

I want to run this shell file with help of a service wtih root permissions to make that command work. device/khadas/kvim3/staticaddr/init.staticaddr.rc :

    # Set up the ethernet ipv4 addr

    service staticaddr /vendor/bin/sh /vendor/etc/staticcommand.sh
        class core
        user root 
        group root 
        oneshot

I wrote staticaddr.te file for this service like this and added in
device/khadas/common/sepolicy/staticaddr.te :

type staticaddr, domain;
type staticaddr_exec, exec_type, vendor_file_type, file_type;
allow staticaddr staticaddr_exec:file rx_file_perms;

init_daemon_domain(staticaddr)

In device/khadas/common/sepolicy/file_contexts file at end I have added this line

# static ip
/vendor/bin/staticaddr          u:object_r:staticaddr_exec:s0

In device/khadas/kvim3/kvim3.mk at middle I have added these lines:

PRODUCT_COPY_FILES += \
        device/khadas/kvim3/staticaddr/init.staticaddr.rc:/root/init.staticaddr.rc \
        device/khadas/kvim3/staticaddr/staticaddr.sh:/vendor/etc/staticaddr.sh

In device/khadas/kvim3/init.amlogic.board.rc I have added these lines:

import init.staticaddr.rc

The build process is completing successfully, but I’m not seeing any output or traces indicating that the shell script is running as expected. Specifically, the static IP assignment to the Ethernet interface is not occurring. When I execute the adb shell service list command, I don’t see the service name listed, and the Ethernet IP address is not being updated.

can anyone please guide me, where I am doing wrong

Hello @katta_Prudhvi_Raj

@xiong.zhang wil help you then.

There was a post before about adding a shell service to rc. Can you see if it can solve your problem?

Hi,
thanks for your response, will see and work on it

If you want to modify the static IP of eth0, you can connect to Ethernet and there is an IP setting in the network settings in the settings. After you can manually modify the static IP, as long as you do not restore the factory settings or flash the machine, the static IP of this setting will always be in effect. of

image1920×1080 100 KB

Hi,
yeah I know this feature but we want to incorporate it through source code build for some reasons, and also to improve our capability to run shell file after boot through init service which will help us to do future tasks.

Hi @xiong.zhang ,
I followed this procedure, build is getting failed due to selinux policy for user build, I have mentioned clearly in the thread you shared above with log,can I continue discussion on that thread or should I post here.

Hello, maybe you need the attribute persist

I did not understood are you speaking about these things ?

 #                     media ext
@@ -84,6 +87,9 @@ PRODUCT_PROPERTY_OVERRIDES += \
 PRODUCT_PROPERTY_OVERRIDES += \
         persist.sys.func.key.action=102
 
+PRODUCT_PROPERTY_OVERRIDES += \
+        persist.powermanagement.service=0
+

• The path is /system/core

From 58bb3dbc8234c954400954fd5032e9a606fdc5f5 Mon Sep 17 00:00:00 2001
From: Xiong Zhang <xiong.zhang@wesion.com>
Date: Thu, 23 Mar 2023 14:02:03 +0800
Subject: [PATCH] test2

Signed-off-by: Xiong Zhang <xiong.zhang@wesion.com>
---
 init/stable_properties.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/init/stable_properties.h b/init/stable_properties.h
index 4972d101f..ca3552c64 100644
--- a/init/stable_properties.h
+++ b/init/stable_properties.h
@@ -25,7 +25,7 @@ namespace init {
 
 static constexpr const char* kPartnerPrefixes[] = {
     "init.svc.vendor.", "ro.vendor.", "persist.vendor.", "vendor.", "init.svc.odm.", "ro.odm.",
-    "persist.odm.",     "odm.",       "ro.boot.",
+    "persist.odm.",     "odm.",       "ro.boot.",       "persist.powermanagement.",
 };
 
 static const std::set<std::string> kExportedActionableProperties = {
-- 
2.17.1

This is my staticaddr.te file:

type staticaddr, domain, vendor_executes_system_violators, data_between_core_and_vendor_violators;

type staticaddr_exec, exec_type, vendor_file_type, file_type;

permissive staticaddr;

init_daemon_domain(staticaddr)

I got this following errors in build

make[1]: Leaving directory '/home/expleo/aosp9/out/target/product/kvim3/obj/KERNEL_OBJ'
make: Leaving directory '/home/expleo/aosp9/common'
[  8% 21/252] build out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy
FAILED: out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy 
/bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 		30 -o out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf ) && (out/host/linux-x86/bin/sepolicy-analyze out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp permissive > out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ) && (if [ \"user\" = \"user\" -a -s out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains ]; then 		echo \"==========\" 1>&2; 		echo \"ERROR: permissive domains not allowed in user builds\" 1>&2; 		echo \"List of invalid domains:\" 1>&2; 		cat out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.permissivedomains 1>&2; 		exit 1; 		fi ) && (mv out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy )"
out/host/linux-x86/bin/checkpolicy:  loading policy configuration from out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf
out/host/linux-x86/bin/checkpolicy:  policy configuration loaded
out/host/linux-x86/bin/checkpolicy:  writing binary representation (version 30) to out/target/product/kvim3/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp
==========
ERROR: permissive domains not allowed in user builds
List of invalid domains:
staticaddr
[  8% 22/252] build out/target/product/kvim3/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
out/host/linux-x86/bin/checkpolicy:  loading policy configuration from out/target/product/kvim3/obj/ETC/sepolicy_neverallows_intermediates/policy.conf
out/host/linux-x86/bin/checkpolicy:  policy configuration loaded
out/host/linux-x86/bin/checkpolicy:  writing binary representation (version 30) to out/target/product/kvim3/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
[ 10% 26/252] make Image
make: Entering directory '/home/expleo/aosp9/common'

it showing error permissive domains not allowed in user builds and list of invalid domain as my staticaddr domain. , I think it will work flawlessly for user debug build but my build is user build. so its not working for this

Hi,
I changed staticaddr.te file with this content

type staticaddra, domain, mlstrustedsubject;

type staticaddra_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(staticaddra)

now its not giving any error and getting build, but I found no traces of service up and this shell file getting run

 #!/system/bin/sh

# Add the IP address to the eth0 interface
ip addr add 192.168.43.1/24 dev eth0

# Check if the command was successful
if [ $? -eq 0 ]; then
  echo "IP address added successfully." >> /data/local/tmp/shelltest5.txt
else
  echo "Failed to add IP address." >> /data/local/tmp/shelltest5.txt
fi

@xiong.zhang can you help in this

Please add the following command and try again

ip addr add 192.168.43.1/24 dev eth0
ifconfig eth0 192.168.43.1/24 up

kvim3l:/ # ifconfig eth0
eth0      Link encap:Ethernet  HWaddr c8:63:14:72:11:a6  Driver meson6-dwmac
          inet addr:192.168.31.32  Bcast:192.168.31.255  Mask:255.255.252.0
          inet6 addr: fe80::4fcf:ba19:dd6b:72ff/64 Scope: Link
          inet6 addr: fd08:dc97:9469:41f6:75f8:18c:cb5d:7f81/64 Scope: Global
          inet6 addr: fd08:dc97:9469:41f6:bc01:bd0b:c44:e5ab/64 Scope: Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:45233 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10385 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:48684084 TX bytes:860542
          Interrupt:13

kvim3l:/ # ip addr add 192.168.43.1/24 dev eth0
kvim3l:/ # ifconfig eth0 192.168.43.1/24 up
ifconfig: ioctl 8916: File exists
1|kvim3l:/ # ifconfig eth0
eth0      Link encap:Ethernet  HWaddr c8:63:14:72:11:a6  Driver meson6-dwmac
          inet addr:192.168.43.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fda2:a164:f7fb:4b66:dc48:1838:5ac3:2965/64 Scope: Global
          inet6 addr: fe80::4fcf:ba19:dd6b:72ff/64 Scope: Link
          inet6 addr: fd08:dc97:9469:41f6:75f8:18c:cb5d:7f81/64 Scope: Global
          inet6 addr: fda2:a164:f7fb:4b66:75f8:18c:cb5d:7f81/64 Scope: Global
          inet6 addr: fd08:dc97:9469:41f6:bc01:bd0b:c44:e5ab/64 Scope: Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:49431 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11233 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:51363047 TX bytes:1055241
          Interrupt:13

Hi @xiong.zhang ,
Thanks so much for your patient reply. My problem with the custom service not starting and the shell file not running as root was caused by missing su binaries. I had removed su binaries by doing git remits of patches suggested by you in different thread to solve an Intune company portal rooted device issue in a user build. So I cherry picked those git commits and followed the procedure below, I was able to run a service that will run the shell file after boot completes.

1. adding shell file at device/khadas/kvim3/staticaddra.sh*
   staticaddra.sh

#!/system/bin/sh

# Add the IP address to the eth0 interface
ip addr add 192.168.43.1/24 dev eth0

# Check if the command was successful
if [ $? -eq 0 ]; then
  echo "IP address added successfully." >> /data/local/tmp/shelltest5.txt
else
  echo "Failed to add IP address." >> /data/local/tmp/shelltest5.txt
fi

2. copying that shell file to vendor/bin in kvim.mk file— add this line to following file
   device/khadas/kvim3/kvim3.mk

PRODUCT_COPY_FILES += \ device/khadas/kvim3/staticaddra.sh:/vendor/bin/staticaddra.sh

3. adding executable in files_context file
   device/khadas/common/sepolicy/files_context

/vendor/bin/staticaddra.sh u:object_r:staticaddra_exec:s0

4. adding .te file for our service
   device/khadas/common/sepolicy/staticaddra.te
   staticaddra.te

type staticaddra, domain, mlstrustedsubject;
type staticaddra_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(staticaddra)

5. adding our custom service in init.rc
   system/core/rootdir/init.rc

service staticaddra /vendor/bin/staticaddra.sh
    class main
    user root
    group root
    disabled
    oneshot

on property:sys.boot_completed=1
    chmod 0773 /vendor/bin/staticaddr.sh
    start staticaddra

after doing all these changes whether it is an user build or an userdebug build service will start after boot completed and run this shell file. Thankyou once again @xiong.zhang , @numbqq for your swift response and patient replies for helping to complete this task.

This is something I didn’t expect . Executing the specified script during the boot process requires root permissions or busybox tools.

Thanks for your help and guidance