#! /system/bin/sh
#
# Warning: if you want to run this script in cm-recovery change the above to #!/sbin/sh
#
# fix_permissions - fixes permissions on Android data directories after upgrade
# shade@chemlab.org
#
# original concept: http://blog.elsdoerfer.name/2009/05/25/android-fix-package-uid-mismatches/
# implementation by: Cyanogen
# improved by: ankn, smeat, thenefield, farmatito, rikupw, Kastro
#
# v1.1-v1.31r3 - many improvements and concepts from XDA developers.
# v1.34 through v2.00 -  A lot of frustration [by Kastro]
# v2.01	- Completely rewrote the script for SPEED, thanks for the input farmatito
#         /data/data depth recursion is tweaked;
#         fixed single mode;
#         functions created for modularity;
#         logging can be disabled via CLI for more speed; 
#         runtime computation added to end (Runtime: mins secs); 
#         progress (current # of total) added to screen;
#         fixed CLI argument parsing, now you can have more than one option!;
#         debug cli option;
#         verbosity can be disabled via CLI option for less noise;;
#         [by Kastro, (XDA: k4str0), twitter;mattcarver]
# v2.02 - ignore com.htc.resources.apk if it exists and minor code cleanups,
#         fix help text, implement simulated run (-s) [farmatito]
# v2.03 - fixed chown group ownership output [Kastro]

VERSION="2.03"

# Defaults
DEBUG=0 # Debug off by default
LOGGING=1 # Logging on by default
VERBOSE=1 # Verbose on by default

# Messages
UID_MSG="Changing user ownership for:"
GID_MSG="Changing group ownership for:"
PERM_MSG="Changing permissions for:"

# Programs needed
ECHO="busybox echo"
GREP="busybox grep"
EGREP="busybox egrep"
CAT="busybox cat"
CHOWN="busybox chown"
CHMOD="busybox chmod"
MOUNT="busybox mount"
UMOUNT="busybox umount"
CUT="busybox cut"
FIND="busybox find"
LS="busybox ls"
TR="busybox tr"
TEE="busybox tee"
TEST="busybox test"
SED="busybox sed"
RM="busybox rm"
WC="busybox wc"
EXPR="busybox expr"
DATE="busybox date"

# Initialise vars
CODEPATH=""
UID=""
GID=""
PACKAGE=""
REMOVE=0
NOSYSTEM=0
ONLY_ONE=""
SIMULATE=0
SYSREMOUNT=0
SYSMOUNT=0
DATAMOUNT=0
SYSSDMOUNT=0
FP_STARTTIME=$( $DATE +"%m-%d-%Y %H:%M:%S" )
FP_STARTEPOCH=$( $DATE +%s )

fp_usage()
{
	$ECHO "Usage $0 [OPTIONS] [APK_PATH]"
	$ECHO "      -d         turn on debug"
	$ECHO "      -f         fix only package APK_PATH"	
	$ECHO "      -l         disable logging for this run (faster)"
	$ECHO "      -r         remove stale data directories"
	$ECHO "                 of uninstalled packages while fixing permissions"
	$ECHO "      -s         simulate only"
	$ECHO "      -u         check only non-system directories"
	$ECHO "      -v         disable verbosity for this run (less output)"
	$ECHO "      -V         print version"
	$ECHO "      -h         this help"
}

fp_parseargs()
{
	# Parse options
	while $TEST $# -ne 0; do
		case "$1" in
			-d)
				DEBUG=1
			;;
			-f)
				if $TEST $# -lt 2; then
					$ECHO "$0: missing argument for option $1"
					exit 1
				else
					if $TEST $( $ECHO $2 | $CUT -c1 ) != "-"; then
						ONLY_ONE=$2
						shift;
					else
						$ECHO "$0: missing argument for option $1"
						exit 1
					fi
				fi
			;;
			-r)
				REMOVE=1
			;;
			-s)
				SIMULATE=1
			;;
			-l)
				if $TEST $LOGGING -eq 0; then
					LOGGING=1
				else
					LOGGING=0
				fi
			;;
			-v)
				if $TEST $VERBOSE -eq 0; then
					VERBOSE=1
				else
					VERBOSE=0
				fi
			;;
			-u)
				NOSYSTEM=1
			;;
			-V)
				$ECHO "$0 $VERSION"
				exit 0
			;;
			-h)
				fp_usage
				exit 0
			;;
			-*)
				$ECHO "$0: unknown option $1"
				$ECHO
				fp_usage
				exit 1
			;;
		esac
		shift;
	done
}

fp_print()
{
	MSG=$@
	if $TEST $LOGGING -eq 1; then
		$ECHO $MSG | $TEE -a $LOG_FILE
	else
		$ECHO $MSG
	fi
}

fp_start()
{
	if $TEST $SIMULATE -eq 0 ; then
		if $TEST $( $GREP -c " /system " "/proc/mounts" ) -ne 0; then
			DEVICE=$( $GREP " /system " "/proc/mounts" | $CUT -d ' ' -f1 )
			if $TEST $DEBUG -eq 1; then
				fp_print "/system mounted on $DEVICE"
			fi
			if $TEST $( $GREP " /system " "/proc/mounts" | $GREP -c " ro " ) -ne 0; then
				$MOUNT -o remount,rw $DEVICE /system
				SYSREMOUNT=1
			fi
		else
			$MOUNT /system > /dev/null 2>&1
			SYSMOUNT=1
		fi
	
		if $TEST $( $GREP -c " /data " "/proc/mounts" ) -eq 0; then
			$MOUNT /data > /dev/null 2>&1
			DATAMOUNT=1
		fi
	
#		if $TEST -e /dev/block/mmcblk0p2 && $TEST $( $GREP -c " /system/sd " "/proc/mounts" ) -eq 0; then
#				$MOUNT /system/sd > /dev/null 2>&1
#			SYSSDMOUNT=1
#		fi
	fi	
	if $TEST $( $MOUNT | $GREP -c /sdcard ) -eq 0; then
		LOG_FILE="/data/fix_permissions.log"
	else
		LOG_FILE="/sdcard/fix_permissions.log"
	fi
	if $TEST ! -e "$LOG_FILE"; then
		> $LOG_FILE
	fi

	fp_print "$0 $VERSION started at $FP_STARTTIME"
}

fp_chown_uid()
{
	FP_OLDUID=$1
	FP_UID=$2
	FP_FILE=$3
	
	#if user ownership doesn't equal then change them
	if $TEST "$FP_OLDUID" != "$FP_UID"; then
		if $TEST $VERBOSE -ne 0; then
			fp_print "$UID_MSG $FP_FILE from '$FP_OLDUID' to '$FP_UID'"
		fi
		if $TEST $SIMULATE -eq 0; then
			$CHOWN $FP_UID "$FP_FILE"
		fi
	fi
}

fp_chown_gid()
{
	FP_OLDGID=$1
	FP_GID=$2
	FP_FILE=$3
	
	#if group ownership doesn't equal then change them
	if $TEST "$FP_OLDGID" != "$FP_GID"; then
		if $TEST $VERBOSE -ne 0; then
			fp_print "$GID_MSG $FP_FILE from '$FP_OLDGID' to '$FP_GID'"
		fi
		if $TEST $SIMULATE -eq 0; then
			$CHOWN :$FP_GID "$FP_FILE"
		fi
	fi
}

fp_chmod()
{
	FP_OLDPER=$1
	FP_OLDPER=$( $ECHO $FP_OLDPER | cut -c2-10 )
	FP_PERSTR=$2
	FP_PERNUM=$3
	FP_FILE=$4
	
	#if the permissions are not equal
	if $TEST "$FP_OLDPER" != "$FP_PERSTR"; then
		if $TEST $VERBOSE -ne 0; then
			fp_print "$PERM_MSG $FP_FILE from '$FP_OLDPER' to '$FP_PERSTR' ($FP_PERNUM)"
		fi
		#change the permissions
		if $TEST $SIMULATE -eq 0; then	
			$CHMOD $FP_PERNUM "$FP_FILE"
		fi
	fi
}
  
fp_all()
{
	FP_NUMS=$( $EGREP "^<package.*serId" /data/system/packages.xml | $GREP -cv 'framework-res.apk\|com.htc.resources.apk' )
	I=0
	$EGREP "^<package.*serId" /data/system/packages.xml | $GREP -v 'framework-res.apk\|com.htc.resources.apk' | while read all_line; do
		I=$( $EXPR $I + 1 )
		fp_package "$all_line" $I $FP_NUMS
	done
}

fp_single()
{
	FP_SFOUND=$( $EGREP "^<package.*serId" /data/system/packages.xml | $GREP -v 'framework-res.apk\|com.htc.resources.apk' | $GREP -ci $ONLY_ONE )
	if $TEST $FP_SFOUND -gt 1; then
		fp_print "Cannot perform single operation on $FP_SFOUND matched package(s)."
	elif $TEST $FP_SFOUND = "" -o $FP_SFOUND -eq 0; then
		fp_print "Could not find the package you specified in the packages.xml file."
	else
		FP_SPKG=$( $EGREP "^<package.*serId" /data/system/packages.xml | $GREP -v 'framework-res.apk\|com.htc.resources.apk' | $GREP -i $ONLY_ONE )
		fp_package "${FP_SPKG}" 1 1
	fi
}

fp_package()
{
	pkgline=$1
	curnum=$2
	endnum=$3
	CODEPATH=$( $ECHO $pkgline | $SED 's%.* codePath="\(.*\)".*%\1%' |  $CUT -d '"' -f1 )
	PACKAGE=$( $ECHO $pkgline | $SED 's%.* name="\(.*\)".*%\1%' | $CUT -d '"' -f1 )
	UID=$( $ECHO $pkgline | $SED 's%.*serId="\(.*\)".*%\1%' |  $CUT -d '"' -f1 )
	GID=$UID
	APPDIR=$( $ECHO $CODEPATH | $SED 's%^\(.*\)/.*%\1%' )
	APK=$( $ECHO $CODEPATH | $SED 's%^.*/\(.*\..*\)$%\1%' )
	
	#debug
	if $TEST $DEBUG -eq 1; then
		fp_print "CODEPATH: $CODEPATH APPDIR: $APPDIR APK:$APK UID/GID:$UID:$GID"
	fi
	
	#check for existence of apk
	if $TEST -e $CODEPATH;  then
		fp_print "Processing ($curnum of $endnum): $PACKAGE..."
		
		#lets get existing permissions of CODEPATH
		OLD_UGD=$( $LS -ln "$CODEPATH" )
		OLD_PER=$( $ECHO $OLD_UGD | $CUT -d ' ' -f1 )
		OLD_UID=$( $ECHO $OLD_UGD | $CUT -d ' ' -f3 )
		OLD_GID=$( $ECHO $OLD_UGD | $CUT -d ' ' -f4 )
		
		#apk source dirs
		if $TEST "$APPDIR" = "/system/app"; then
			#skip system apps if set
			if $TEST "$NOSYSTEM" = "1"; then
				fp_print "***SKIPPING SYSTEM APP ($PACKAGE)!"
				return
			fi
			fp_chown_uid $OLD_UID 0 "$CODEPATH"
			fp_chown_gid $OLD_GID 0 "$CODEPATH"
			fp_chmod $OLD_PER "rw-r--r--" 644 "$CODEPATH"
		elif $TEST "$APPDIR" = "/data/app"; then
			fp_chown_uid $OLD_UID 1000 "$CODEPATH"
			fp_chown_gid $OLD_GID 1000 "$CODEPATH"
			fp_chmod $OLD_PER "rw-r--r--" 644 "$CODEPATH"
		elif $TEST "$APPDIR" = "/data/app-private"; then
			fp_chown_uid $OLD_UID 1000 "$CODEPATH"
			fp_chown_gid $OLD_GID $GID "$CODEPATH"
			fp_chmod $OLD_PER "rw-r-----" 640 "$CODEPATH"
		fi
	else
		fp_print "$CODEPATH does not exist ($curnum of $endnum). Reinstall..."
		if $TEST $REMOVE -eq 1; then
			if $TEST -d /data/data/$PACKAGE ; then
				fp_print "Removing stale dir /data/data/$PACKAGE"
				if $TEST $SIMULATE -eq 0 ; then
					$RM -R /data/data/$PACKAGE
				fi
			fi
		fi
	fi
		
	#the data/data for the package
	if $TEST -d "/data/data/$PACKAGE"; then   
		#find all directories in /data/data/$PACKAGE
		$FIND /data/data/$PACKAGE -type d -exec $LS -ldn {} \; | while read dataline; do
			#get existing permissions of that directory
			OLD_PER=$( $ECHO $dataline | $CUT -d ' ' -f1 )
			OLD_UID=$( $ECHO $dataline | $CUT -d ' ' -f3 )
			OLD_GID=$( $ECHO $dataline | $CUT -d ' ' -f4 )
			FILEDIR=$( $ECHO $dataline | $CUT -d ' ' -f9 )
			FOURDIR=$( $ECHO $FILEDIR | $CUT -d '/' -f5 )
			
			#set defaults for iteration
			ISLIB=0
			REVPERM=755
			REVPSTR="rwxr-xr-x"
			REVUID=$UID
			REVGID=$GID
				
			if $TEST "$FOURDIR" = ""; then
				#package directory, perms:755 owner:$UID:$GID
				fp_chmod $OLD_PER "rwxr-xr-x" 755 "$FILEDIR"
			elif $TEST "$FOURDIR" = "lib"; then
				#lib directory, perms:755 owner:1000:1000
				#lib files, perms:755 owner:1000:1000
				ISLIB=1
				REVPERM=755
				REVPSTR="rwxr-xr-x"
				REVUID=1000
				REVGID=1000
				fp_chmod $OLD_PER "rwxr-xr-x" 755 "$FILEDIR"
			elif $TEST "$FOURDIR" = "shared_prefs"; then
				#shared_prefs directories, perms:771 owner:$UID:$GID
				#shared_prefs files, perms:660 owner:$UID:$GID
				REVPERM=660
				REVPSTR="rw-rw----"
				fp_chmod $OLD_PER "rwxrwx--x" 771 "$FILEDIR"
			elif $TEST "$FOURDIR" = "databases"; then
				#databases directories, perms:771 owner:$UID:$GID
				#databases files, perms:660 owner:$UID:$GID
				REVPERM=660
				REVPSTR="rw-rw----"
				fp_chmod $OLD_PER "rwxrwx--x" 771 "$FILEDIR"
			elif $TEST "$FOURDIR" = "cache"; then
				#cache directories, perms:771 owner:$UID:$GID
				#cache files, perms:600 owner:$UID:GID
				REVPERM=600
				REVPSTR="rw-------"
				fp_chmod $OLD_PER "rwxrwx--x" 771 "$FILEDIR"
			else
				#other directories, perms:771 owner:$UID:$GID     
				REVPERM=771
				REVPSTR="rwxrwx--x"
				fp_chmod $OLD_PER "rwxrwx--x" 771 "$FILEDIR"
			fi
			
			#change ownership of directories matched
			if $TEST "$ISLIB" = "1"; then
				fp_chown_uid $OLD_UID 1000 "$FILEDIR"
				fp_chown_gid $OLD_GID 1000 "$FILEDIR"
			else
				fp_chown_uid $OLD_UID $UID "$FILEDIR"
				fp_chown_gid $OLD_GID $GID "$FILEDIR"
			fi
			
			#if any files exist in directory with improper permissions reset them
			$FIND $FILEDIR -type f -maxdepth 1 ! -perm $REVPERM -exec $LS -ln {} \; | while read subline; do
				OLD_PER=$( $ECHO $subline | $CUT -d ' ' -f1 )
				SUBFILE=$( $ECHO $subline | $CUT -d ' ' -f9 )
				fp_chmod $OLD_PER $REVPSTR $REVPERM "$SUBFILE"
			done
			
			#if any files exist in directory with improper user reset them
			$FIND $FILEDIR -type f -maxdepth 1 ! -user $REVUID -exec $LS -ln {} \; | while read subline; do
				OLD_UID=$( $ECHO $subline | $CUT -d ' ' -f3 )
				SUBFILE=$( $ECHO $subline | $CUT -d ' ' -f9 )
				fp_chown_uid $OLD_UID $REVUID "$SUBFILE"
			done
			
			#if any files exist in directory with improper group reset them
			$FIND $FILEDIR -type f -maxdepth 1 ! -group $REVGID -exec $LS -ln {} \; | while read subline; do
				OLD_GID=$( $ECHO $subline | $CUT -d ' ' -f4 )
				SUBFILE=$( $ECHO $subline | $CUT -d ' ' -f9 )
				fp_chown_gid $OLD_GID $REVGID "$SUBFILE"
			done
		done
	fi
}

date_diff()
{
	if $TEST $# -ne 2; then
		FP_DDM="E"
		FP_DDS="E"
		return
	fi
	FP_DDD=$( $EXPR $2 - $1 )
	FP_DDM=$( $EXPR $FP_DDD / 60 )
	FP_DDS=$( $EXPR $FP_DDD % 60 )
}

fp_end()
{
	if $TEST $SYSREMOUNT -eq 1; then
		$MOUNT -o remount,ro $DEVICE /system > /dev/null 2>&1
	fi
	
	if $TEST $SYSSDMOUNT -eq 1; then
		$UMOUNT /system/sd > /dev/null 2>&1
	fi
	
	if $TEST $SYSMOUNT -eq 1; then
		$UMOUNT /system > /dev/null 2>&1
	fi
	
	if $TEST $DATAMOUNT -eq 1; then
		$UMOUNT /data > /dev/null 2>&1
	fi
	
	FP_ENDTIME=$( $DATE +"%m-%d-%Y %H:%M:%S" )
	FP_ENDEPOCH=$( $DATE +%s )
	
	date_diff $FP_STARTEPOCH $FP_ENDEPOCH
	
	fp_print "$0 $VERSION ended at $FP_ENDTIME (Runtime:${FP_DDM}m${FP_DDS}s)"
}

#MAIN SCRIPT

fp_parseargs $@
fp_start
if $TEST "$ONLY_ONE" != "" -a "$ONLY_ONE" != "0" ; then
	fp_single "$ONLY_ONE"
else 
	fp_all
fi
fp_end
