一.SU相关的源码
1)su.c
/*
**
** Copyright , The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** /licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
#define LOG_TAG "su"
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
void pwtoid(const char *tok, uid_t *uid, gid_t *gid)
{
struct passwd *pw;
pw = getpwnam(tok);
if (pw) {
if (uid) *uid = pw->pw_uid;
if (gid) *gid = pw->pw_gid;
} else {
uid_t tmpid = atoi(tok);
if (uid) *uid = tmpid;
if (gid) *gid = tmpid;
}
}
void extract_uidgids(const char *uidgids, uid_t *uid, gid_t *gid, gid_t *gids,
int *gids_count)
{
char *clobberablegids;
char *nexttok;
char *tok;
int gids_found;
if (!uidgids || !*uidgids) {
*gid = *uid = 0;
*gids_count = 0;
return;
}
clobberablegids = strdup(uidgids);
strcpy(clobberablegids, uidgids);
nexttok = clobberablegids;
tok = strsep(&nexttok, ",");
pwtoid(tok, uid, gid);
tok = strsep(&nexttok, ",");
if (!tok) {
/* gid is already set above */
*gids_count = 0;
free(clobberablegids);
return;
}
pwtoid(tok, NULL, gid);
gids_found = 0;
while ((gids_found < *gids_count) && (tok = strsep(&nexttok, ","))) {
pwtoid(tok, NULL, gids);
gids_found++;
gids++;
}
if (nexttok && gids_found == *gids_count) {
fprintf(stderr, "too many group ids\n");
}
*gids_count = gids_found;
free(clobberablegids);
}
/*
* SU can be given a specific command to exec. UID _must_ be
* specified for this (ie argc => 3).
*
* Usage:
* su 1000
* su 1000 ls -l
* or
* su [uid[,gid[,group1]...] [cmd]]
* E.g.
* su 1000,shell,net_bw_acct,net_bw_stats id
* will return
* uid=1000(system) gid=2000(shell) groups=3006(net_bw_stats),3007(net_bw_acct)
*/
int main(int argc, char **argv)
{
struct passwd *pw;
uid_t uid, myuid;
gid_t gid, gids[10];
/* Until we have something better, only root and the shell can use su. */
myuid = getuid();
if (myuid != AID_ROOT && myuid != AID_SHELL) {
fprintf(stderr,"su: uid %d not allowed to su\n", myuid);
return 1;
}
if(argc < 2) {
uid = gid = 0;
} else {
int gids_count = sizeof(gids)/sizeof(gids[0]);
extract_uidgids(argv[1], &uid, &gid, gids, &gids_count);
if(gids_count) {
if(setgroups(gids_count, gids)) {
fprintf(stderr, "su: failed to set groups\n");
return 1;
}
}
}
if(setgid(gid) || setuid(uid)) {
fprintf(stderr,"su: permission denied\n");
return 1;
}
/* User specified command for exec. */
if (argc == 3 ) {
if (execlp(argv[2], argv[2], NULL) < 0) {
int saved_errno = errno;
fprintf(stderr, "su: exec failed for %s Error:%s\n", argv[2],
strerror(errno));
return -saved_errno;
}
} else if (argc > 3) {
/* Copy the rest of the args from main. */
char *exec_args[argc - 1];
memset(exec_args, 0, sizeof(exec_args));
memcpy(exec_args, &argv[2], sizeof(exec_args));
if (execvp(argv[2], exec_args) < 0) {
int saved_errno = errno;
fprintf(stderr, "su: exec failed for %s Error:%s\n", argv[2],
strerror(errno));
return -saved_errno;
}
}
/* Default exec shell. */
execlp("/system/bin/sh", "sh", NULL);
fprintf(stderr, "su: exec failed\n");
return 1;
}
2)Android.mk文件
LOCAL_PATH:= $(call my-dir)
include $(CLEAR_VARS)
LOCAL_SRC_FILES:= su.c
LOCAL_MODULE:= su
LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_STATIC_LIBRARIES := libc
LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
LOCAL_MODULE_TAGS := debug
include $(BUILD_EXECUTABLE)
将这两个文件放到/system/extras/su/文件夹下,mm编译后生成的最终文件为:
二:添加权限
在system/core/rootdir/init.rc中添加语句 chmod 4755 /system/xbin/su
三:如果涉及到/data目录而非/data/data//的修改,则修改system/core/rootdir/init.rc
四:Java App进行验证
packagecn.zlonglove.su;
importjava.io.DataOutputStream;
importjava.io.IOException;
importandroid.app.Activity;
importandroid.os.Bundle;
importandroid.util.Log;
publicclassSuActivityextendsActivity{
/** Called when the activity is first created. */
@Override
publicvoidonCreate(Bundle savedInstanceState){
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
try{
Processprocess=Runtime.getRuntime().exec("su");//(这里执行是系统已经开放了root权限,而不是说通过执行这句来获得root权限)
DataOutputStreamos=newDataOutputStream(process.getOutputStream());
os.writeBytes("ifconfig eth0 192.168.1.10\n");
os.writeBytes("exit\n");
os.flush();
}catch(IOExceptione){
e.printStackTrace();
}
}
}
如果觉得《android su文件 Android su开放root权限》对你有帮助,请点赞、收藏,并留下你的观点哦!