Set uid/gid/mode of files in an APEX

apexer now supports --canned_fs_config to set uid, gid, mode and
capability of files in the APEX.

The syntax of a canned_fs_config is as simple as

path uid gid mode [capability]

for each path.

Currently, uid, gid, and mode should be numeric, e.g., 100 200 0644,
symbolic names are not supported yet.

Note that when --canned_fs_config is specified, it must cover ALL
files in the APEX. Missing a file is an error.

Bug: 112458021
Test: runtests.sh
Change-Id: I73da91dfd0be2a12acc80d7e08127994fa49e073

1 files changed, 5 insertions, 1 deletions

diff --git a/apexer/apexer.py b/apexer/apexer.py
index b684b24..fd57c36 100644
--- a/apexer/apexer.py
+++ b/apexer/apexer.py
@@ -39,8 +39,10 @@ def ParseArgs(argv):
                       help='verbose execution')
   parser.add_argument('--manifest', default='manifest.json',
                       help='path to the APEX manifest file')
-  parser.add_argument('--file_contexts',
+  parser.add_argument('--file_contexts', required=True,
                       help='selinux file contexts file')
+  parser.add_argument('--canned_fs_config', required=True,
+                      help='canned_fs_config specifies uid/gid/mode of files')
   parser.add_argument('input_dir', metavar='INPUT_DIR',
                       help='the directory having files to be packaged')
   parser.add_argument('output', metavar='OUTPUT',
@@ -159,6 +161,7 @@ def CreateApex(args, work_dir):
   cmd.extend(['-f', args.input_dir])
   cmd.extend(['-T', '0']) # time is set to epoch
   cmd.extend(['-S', compiled_file_contexts])
+  cmd.extend(['-C', args.canned_fs_config])
   cmd.append(img_file)
   RunCommand(cmd, args.verbose)
 
@@ -177,6 +180,7 @@ def CreateApex(args, work_dir):
   cmd.extend(['-f', manifests_dir])
   cmd.extend(['-T', '0']) # time is set to epoch
   cmd.extend(['-S', compiled_file_contexts])
+  cmd.extend(['-C', args.canned_fs_config])
   cmd.append(img_file)
   RunCommand(cmd, args.verbose)