From 0e9415655c25894ed57409805a4cc054375f1f2c Mon Sep 17 00:00:00 2001 From: openharmony_ci <120357966@qq.com> Date: Sun, 25 Jun 2023 07:27:16 +0000 Subject: [PATCH] =?UTF-8?q?=E5=9B=9E=E9=80=80=20'Pull=20Request=20!2035=20?= =?UTF-8?q?:=20=E9=9C=80=E6=B1=82=EF=BC=9A=E7=B3=BB=E7=BB=9F/=E8=8A=AF?= =?UTF-8?q?=E7=89=87=E6=B2=99=E7=9B=92=E8=B5=84=E6=BA=90=E6=9C=80=E5=B0=8F?= =?UTF-8?q?=E5=8C=96'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- services/sandbox/chipset-sandbox.json | 69 +++++++++++---------------- services/sandbox/system-sandbox.json | 24 ++++------ 2 files changed, 35 insertions(+), 58 deletions(-) diff --git a/services/sandbox/chipset-sandbox.json b/services/sandbox/chipset-sandbox.json index f0ab32eed..da8534005 100644 --- a/services/sandbox/chipset-sandbox.json +++ b/services/sandbox/chipset-sandbox.json @@ -1,26 +1,36 @@ { "sandbox-root" : "/mnt/sandbox/chipset", - "mount-bind-paths" : [ - { + "mount-bind-paths" : [{ "src-path" : "/system/bin", "sandbox-path" : "/system/bin", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/system/etc/selinux", - "sandbox-path" : "/system/etc/selinux", + "src-path" : "/system/etc", + "sandbox-path" : "/system/etc", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/system/lib/chipset-pub-sdk", - "sandbox-path" : "/system/lib/chipset-pub-sdk", + "src-path" : "/system/lib", + "sandbox-path" : "/system/lib", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/system/lib/chipset-sdk", - "sandbox-path" : "/system/lib/chipset-sdk", + "src-path" : "/system/profile", + "sandbox-path" : "/system/profile", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/system/lib/ndk", - "sandbox-path" : "/system/lib/ndk", - "sandbox-flags" : [ "bind", "rec", "private" ] + "src-path" : "/system/app", + "sandbox-path" : "/system/app", + "sandbox-flags" : [ "bind", "rec", "private" ], + "ignore": 1 + }, { + "src-path" : "/system/fonts", + "sandbox-path" : "/system/fonts", + "sandbox-flags" : [ "bind", "rec", "private" ], + "ignore": 1 + }, { + "src-path" : "/system/usr", + "sandbox-path" : "/system/usr", + "sandbox-flags" : [ "bind", "rec", "private" ], + "ignore": 1 }, { "src-path" : "/vendor", "sandbox-path" : "/vendor", @@ -63,42 +73,17 @@ "sandbox-path" : "/storage", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/chip_prod", - "sandbox-path" : "/chip_prod", - "sandbox-flags" : [ "bind", "rec", "private" ] - } - ], - "mount-bind-files" : [ - { - "src-path" : "/system/etc/ld-musl-arm.path", - "sandbox-path" : "/system/etc/ld-musl-arm.path", + "src-path" : "/sys_prod", + "sandbox-path" : "/sys_prod", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/system/etc/ld-musl-namespace-arm.ini", - "sandbox-path" : "/system/etc/ld-musl-namespace-arm.ini", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/system/lib/ld-musl-arm.so.1", - "sandbox-path" : "/system/lib/ld-musl-arm.so.1", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/system/lib/libc.so", - "sandbox-path" : "/system/lib/libc.so", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/system/lib/libc++.so", - "sandbox-path" : "/system/lib/libc++.so", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/system/lib/libdisplay_buffer_proxy_1.0.z.so", - "sandbox-path" : "/system/lib/libdisplay_buffer_proxy_1.0.z.so", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/system/lib/libclang_rt.ubsan_minimal.so", - "sandbox-path" : "/system/lib/libclang_rt.ubsan_minimal.so", + "src-path" : "/chip_prod", + "sandbox-path" : "/chip_prod", "sandbox-flags" : [ "bind", "rec", "private" ] } ], + "mount-bind-files" : [{ + }], "symbol-links" : [{ "target-name" : "/system/lib", "link-name" : "/lib" diff --git a/services/sandbox/system-sandbox.json b/services/sandbox/system-sandbox.json index 6229bcec8..be331edfa 100644 --- a/services/sandbox/system-sandbox.json +++ b/services/sandbox/system-sandbox.json @@ -32,12 +32,8 @@ "sandbox-flags" : [ "bind", "rec", "private" ], "ignore": 1 }, { - "src-path" : "/vendor/lib/chipsetsdk", - "sandbox-path" : "/vendor/lib/chipsetsdk", - "sandbox-flags" : [ "bind", "rec", "private" ] - }, { - "src-path" : "/vendor/lib/chipset-sdk", - "sandbox-path" : "/vendor/lib/chipset-sdk", + "src-path" : "/vendor", + "sandbox-path" : "/vendor", "sandbox-flags" : [ "bind", "rec", "private" ] }, { "src-path" : "/dev", @@ -78,21 +74,17 @@ "sandbox-path" : "/sys_prod", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/vendor/etc", - "sandbox-path" : "/vendor/etc", - "sandbox-flags" : [ "bind", "rec", "private" ] - } - ], - "mount-bind-files" : [{ - "src-path" : "/vendor/lib/libmapper_service_1.0.z.so", - "sandbox-path" : "/vendor/lib/libmapper_service_1.0.z.so", + "src-path" : "/vendor", + "sandbox-path" : "/chipset", "sandbox-flags" : [ "bind", "rec", "private" ] }, { - "src-path" : "/vendor/lib/libinput_interfaces_service_1.0.z.so", - "sandbox-path" : "/vendor/lib/libinput_interfaces_service_1.0.z.so", + "src-path" : "/chip_prod", + "sandbox-path" : "/chip_prod", "sandbox-flags" : [ "bind", "rec", "private" ] } ], + "mount-bind-files" : [{ + }], "symbol-links" : [{ "target-name" : "/system/lib", "link-name" : "/lib" -- Gitee