From 817739d99f63f98d93e389b214e10c34ef78a7aa Mon Sep 17 00:00:00 2001 From: handf0830 Date: Wed, 31 May 2023 22:28:40 +0800 Subject: [PATCH 01/16] add gids to AppSpawn start messege Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 77c340390ed..0ce47662900 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -1687,6 +1687,8 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str AppSpawnStartMsg startMsg; startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; + startMsg.gids = bundleInfo.gids; + HILOG_ERROR("GetBundleGids is %{public}d", bundleInfo.gids[0]); startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; startMsg.bundleName = bundleName; -- Gitee From d7298b9f3ad6665ce375da953ee744e2e2f7fd58 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Thu, 1 Jun 2023 15:33:32 +0800 Subject: [PATCH 02/16] add log Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 0ce47662900..343a900ede5 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp 
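Review bot: The added `HILOG_ERROR("GetBundleGids is %{public}d", bundleInfo.gids[0]);` indexes `bundleInfo.gids` without checking that it is non-empty, so a bundle with no supplementary groups hits an out-of-bounds read on the process-start path. Wrap it in `if (!bundleInfo.gids.empty()) { ... }` or drop the log; PATCH 03 adds such a guard, but this patch is unsafe on its own. The line is also a diagnostic logged at error severity with a `%{public}` specifier. The same hunk starts forwarding `bundleInfo.gids` to appspawn as the child's supplementary groups, so a short comment saying where those ids come from and who validates them would help, since neither is visible here. StartProcess begins and ends outside the hunk.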
@@ -1602,18 +1602,23 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str const std::shared_ptr &appRecord, const int uid, const std::string &bundleName, const int32_t bundleIndex, bool appExistFlag) { + HILOG_ERROR("before GetBundleInfo 111"); HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__); if (!appRecord) { HILOG_ERROR("appRecord is null"); return; } + HILOG_ERROR("before GetBundleInfo 222"); + if (!remoteClientManager_->GetSpawnClient()) { HILOG_ERROR("appSpawnClient is null"); appRunningManager_->RemoveAppRunningRecordById(appRecord->GetRecordId()); return; } + HILOG_ERROR("before GetBundleInfo 333"); + auto bundleMgr_ = remoteClientManager_->GetBundleManager(); if (bundleMgr_ == nullptr) { HILOG_ERROR("GetBundleManager fail"); @@ -1621,6 +1626,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return; } + HILOG_ERROR("before GetBundleInfo"); auto userId = GetUserIdByUid(uid); BundleInfo bundleInfo; bool bundleMgrResult; @@ -1639,6 +1645,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str appRunningManager_->RemoveAppRunningRecordById(appRecord->GetRecordId()); return; } + HILOG_ERROR("after GetBundleInfo"); HspList hspList; ErrCode ret = bundleMgr_->GetBaseSharedBundleInfos(bundleName, hspList); @@ -1648,6 +1655,8 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return; } + HILOG_ERROR("after GetBundleInfo 111"); + bool hasAccessBundleDirReq = std::any_of(bundleInfo.reqPermissions.begin(), bundleInfo.reqPermissions.end(), [] (const auto &reqPermission) { if (PERMISSION_ACCESS_BUNDLE_DIR == reqPermission) { @@ -1656,6 +1665,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return false; }); + HILOG_ERROR("after GetBundleInfo 222"); uint8_t setAllowInternet = 0; uint8_t allowInternet = 1; auto token = bundleInfo.applicationInfo.accessTokenId; 
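Review bot: The `HILOG_ERROR("before GetBundleInfo 111")`-style markers added through StartProcess are progress traces logged at error severity, so every normal process start will look like a failure during log triage. If the trace points are needed, use `HILOG_DEBUG` with a message that names the step, e.g. `HILOG_DEBUG("StartProcess: spawn client available");`. The same applies to every other hunk of this patch, through the `after GetBundleInfo 333` marker before `AppSpawnStartMsg startMsg`.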
@@ -1684,6 +1694,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str } } + HILOG_ERROR("after GetBundleInfo 333"); AppSpawnStartMsg startMsg; startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; -- Gitee From 881ddde1af999e22da2c3c9f036119e78b611b03 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Thu, 1 Jun 2023 23:52:20 +0800 Subject: [PATCH 03/16] add gids direct Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 20 ++++++++----------- 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 343a900ede5..83145af27f5 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -1602,23 +1602,18 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str const std::shared_ptr &appRecord, const int uid, const std::string &bundleName, const int32_t bundleIndex, bool appExistFlag) { - HILOG_ERROR("before GetBundleInfo 111"); HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__); if (!appRecord) { HILOG_ERROR("appRecord is null"); return; } - HILOG_ERROR("before GetBundleInfo 222"); - if (!remoteClientManager_->GetSpawnClient()) { HILOG_ERROR("appSpawnClient is null"); appRunningManager_->RemoveAppRunningRecordById(appRecord->GetRecordId()); return; } - HILOG_ERROR("before GetBundleInfo 333"); - auto bundleMgr_ = remoteClientManager_->GetBundleManager(); if (bundleMgr_ == nullptr) { HILOG_ERROR("GetBundleManager fail"); @@ -1626,7 +1621,6 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return; } - HILOG_ERROR("before GetBundleInfo"); auto userId = GetUserIdByUid(uid); BundleInfo bundleInfo; bool bundleMgrResult; 
@@ -1645,7 +1639,6 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str appRunningManager_->RemoveAppRunningRecordById(appRecord->GetRecordId()); return; } - HILOG_ERROR("after GetBundleInfo"); HspList hspList; ErrCode ret = bundleMgr_->GetBaseSharedBundleInfos(bundleName, hspList); @@ -1655,8 +1648,6 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return; } - HILOG_ERROR("after GetBundleInfo 111"); - bool hasAccessBundleDirReq = std::any_of(bundleInfo.reqPermissions.begin(), bundleInfo.reqPermissions.end(), [] (const auto &reqPermission) { if (PERMISSION_ACCESS_BUNDLE_DIR == reqPermission) { @@ -1665,7 +1656,6 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str return false; }); - HILOG_ERROR("after GetBundleInfo 222"); uint8_t setAllowInternet = 0; uint8_t allowInternet = 1; auto token = bundleInfo.applicationInfo.accessTokenId; @@ -1676,12 +1666,15 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; + HILOG_ERROR("not Set netmanager group"); #ifdef APP_MGR_SERVICE_APPMS auto ret = SetInternetPermission(bundleInfo.uid, 0); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); + HILOG_ERROR("Set netmanager group"); + bundleInfo.gids.push_back(1099); #endif } 
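Review bot: In the last hunk here, `bundleInfo.gids.push_back(1099);` grants the spawned process an extra supplementary group from a bare literal, and does so whatever `SetInternetPermission(bundleInfo.uid, 1)` returned, since `ret` is only logged. Give the id a named constant with a comment saying which group it is. If a failed SetInternetPermission should mean no network access, make the push conditional on `ret`; the return convention is not visible in this hunk. The push and the `} else {` both sit between `#ifdef APP_MGR_SERVICE_APPMS` and `#endif`, so builds without the macro never add the group, which deserves a comment if it is intended. The `result` being tested is computed outside the hunk.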
@@ -1694,12 +1687,15 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str } } - HILOG_ERROR("after GetBundleInfo 333"); AppSpawnStartMsg startMsg; startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; startMsg.gids = bundleInfo.gids; - HILOG_ERROR("GetBundleGids is %{public}d", bundleInfo.gids[0]); + if (!bundleInfo.gids.empty()) { + HILOG_ERROR("BundleGids is %{public}d", bundleInfo.gids[0]); + } else { + HILOG_ERROR("BundleGids is empty"); + } startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; startMsg.bundleName = bundleName; -- Gitee From 0dd47ababc8b6127f59960a824513d23134bbd7f Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 10:51:24 +0800 Subject: [PATCH 04/16] test only Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 83145af27f5..71398c3c7e4 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -1666,15 +1666,15 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; - HILOG_ERROR("not Set netmanager group"); + // HILOG_ERROR("not Set netmanager group"); #ifdef APP_MGR_SERVICE_APPMS auto ret = SetInternetPermission(bundleInfo.uid, 0); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - HILOG_ERROR("Set netmanager group"); - bundleInfo.gids.push_back(1099); + // HILOG_ERROR("Set netmanager group"); + // bundleInfo.gids.push_back(1099); #endif } -- Gitee 
From 7d5a7a9a0da45899eb84010f5c79b9f3b7451e61 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 12:43:25 +0800 Subject: [PATCH 05/16] both set gids Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 71398c3c7e4..0f111a9ad51 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -1666,15 +1666,16 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; - // HILOG_ERROR("not Set netmanager group"); + HILOG_ERROR("not Set netmanager group"); #ifdef APP_MGR_SERVICE_APPMS + HILOG_ERROR("not Set netmanager group in macro"); auto ret = SetInternetPermission(bundleInfo.uid, 0); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - // HILOG_ERROR("Set netmanager group"); - // bundleInfo.gids.push_back(1099); + HILOG_ERROR("Set netmanager group"); + bundleInfo.gids.push_back(1099); #endif } -- Gitee From 72717ec7755606fc66ba2146d7181a2d586c0969 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 14:36:00 +0800 Subject: [PATCH 06/16] add const value Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 0f111a9ad51..96af3f61ca0 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp 
@@ -127,6 +127,8 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; +constexpr int32_t NET_MANAGER_GROUPID = 1099; + int32_t GetUserIdByUid(int32_t uid) { return uid / BASE_USER_RANGE; @@ -1666,16 +1668,16 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; - HILOG_ERROR("not Set netmanager group"); + HILOG_ERROR("not Bundle Gidsp"); #ifdef APP_MGR_SERVICE_APPMS - HILOG_ERROR("not Set netmanager group in macro"); + HILOG_ERROR("not Bundle Gids in macro"); auto ret = SetInternetPermission(bundleInfo.uid, 0); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - HILOG_ERROR("Set netmanager group"); - bundleInfo.gids.push_back(1099); + HILOG_ERROR("Bundle Gids to "); + bundleInfo.gids.push_back(NET_MANAGER_GROUPID); #endif } @@ -1693,9 +1695,9 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str startMsg.gid = bundleInfo.gid; startMsg.gids = bundleInfo.gids; if (!bundleInfo.gids.empty()) { - HILOG_ERROR("BundleGids is %{public}d", bundleInfo.gids[0]); + HILOG_ERROR("Bundle Gids is %{public}d", bundleInfo.gids[0]); } else { - HILOG_ERROR("BundleGids is empty"); + HILOG_ERROR("Bundle Gids is empty"); } startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; -- Gitee From 87091cc2014f50815834b2351dee6e61b9bb91fa Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 15:41:49 +0800 Subject: [PATCH 07/16] test only bundle Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 96af3f61ca0..6575f4b4219 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -1668,7 +1668,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; - HILOG_ERROR("not Bundle Gidsp"); + HILOG_ERROR("not Bundle Gids"); #ifdef APP_MGR_SERVICE_APPMS HILOG_ERROR("not Bundle Gids in macro"); auto ret = SetInternetPermission(bundleInfo.uid, 0); @@ -1676,8 +1676,8 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - HILOG_ERROR("Bundle Gids to "); - bundleInfo.gids.push_back(NET_MANAGER_GROUPID); + // HILOG_ERROR("Bundle Gids to 1099"); + // bundleInfo.gids.push_back(NET_MANAGER_GROUPID); #endif } -- Gitee From 0602e07958e98e02e1d3d9fd9ec3de6818c3421b Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 16:33:44 +0800 Subject: [PATCH 08/16] delete not use variable Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 6575f4b4219..cfdc5355740 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; -constexpr int32_t NET_MANAGER_GROUPID = 1099; +// constexpr int32_t NET_MANAGER_GROUPID = 1099; int32_t GetUserIdByUid(int32_t uid) { -- Gitee From 03b5bf5b5cdd1b1ee96d2d4f104730d017d68b37 Mon Sep 17 00:00:00 2001 
From: handf0830 Date: Fri, 2 Jun 2023 17:39:28 +0800 Subject: [PATCH 09/16] clearn no use code Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index cfdc5355740..565f1cd0e10 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; -// constexpr int32_t NET_MANAGER_GROUPID = 1099; +constexpr int32_t NET_MANAGER_GROUPID = 1099; int32_t GetUserIdByUid(int32_t uid) { @@ -1668,16 +1668,13 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str if (result != Security::AccessToken::PERMISSION_GRANTED) { setAllowInternet = 1; allowInternet = 0; - HILOG_ERROR("not Bundle Gids"); #ifdef APP_MGR_SERVICE_APPMS - HILOG_ERROR("not Bundle Gids in macro"); auto ret = SetInternetPermission(bundleInfo.uid, 0); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - // HILOG_ERROR("Bundle Gids to 1099"); - // bundleInfo.gids.push_back(NET_MANAGER_GROUPID); + bundleInfo.gids.push_back(NET_MANAGER_GROUPID); #endif } @@ -1694,11 +1691,6 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; startMsg.gids = bundleInfo.gids; - if (!bundleInfo.gids.empty()) { - HILOG_ERROR("Bundle Gids is %{public}d", bundleInfo.gids[0]); - } else { - HILOG_ERROR("Bundle Gids is empty"); - } startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; startMsg.bundleName = bundleName; -- Gitee 
From 3863ecc9c65af832d1c91dd11bd08ee8cc1865cf Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 2 Jun 2023 19:12:43 +0800 Subject: [PATCH 10/16] fix tdd build failed Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 565f1cd0e10..aa058a453d2 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -126,9 +126,9 @@ const std::string PROCESS_EXIT_EVENT_TASK = "Send Process Exit Event Task"; constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; - +#ifdef APP_MGR_SERVICE_APPMS constexpr int32_t NET_MANAGER_GROUPID = 1099; - +#endif int32_t GetUserIdByUid(int32_t uid) { return uid / BASE_USER_RANGE; -- Gitee From 66000ef985a526e021d1b7963614c3bbf21e8562 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Sat, 3 Jun 2023 13:14:59 +0800 Subject: [PATCH 11/16] modify socket gid Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index aa058a453d2..4739deadafb 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; #ifdef APP_MGR_SERVICE_APPMS -constexpr int32_t NET_MANAGER_GROUPID = 1099; +constexpr int32_t NETSYS_SOCKET_GROUPID = 3008; #endif int32_t GetUserIdByUid(int32_t uid) { 
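Review bot: `constexpr int32_t NETSYS_SOCKET_GROUPID = 3008;` is a privilege-bearing id written as a local literal, and PATCH 12 to 14 then change it to 1097, 1099 and back to 1097. That suggests the intended group is not defined anywhere this file can reference. A wrong value silently places every app that passes the permission check into an unrelated group. Take the value from the platform's shared definition if one exists, or add a comment such as `// must match the gid assigned to the netsys socket group in the system group table` and name who owns that id.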
@@ -1674,7 +1674,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - bundleInfo.gids.push_back(NET_MANAGER_GROUPID); + bundleInfo.gids.push_back(NETSYS_SOCKET_GROUPID); #endif } -- Gitee From b41692a9ad6cecb7d0ba9b88d1f33f214b01ddc6 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Sat, 3 Jun 2023 14:36:12 +0800 Subject: [PATCH 12/16] modify gid value Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 4739deadafb..285b071bf25 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; #ifdef APP_MGR_SERVICE_APPMS -constexpr int32_t NETSYS_SOCKET_GROUPID = 3008; +constexpr int32_t NETSYS_SOCKET_GROUPID = 1097; #endif int32_t GetUserIdByUid(int32_t uid) { -- Gitee From 890da98021adb664bee7667ee065ef5c3f0d0e12 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Wed, 7 Jun 2023 11:27:11 +0800 Subject: [PATCH 13/16] modify gids to netmanager Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 285b071bf25..1b43eb79081 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp 
@@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; #ifdef APP_MGR_SERVICE_APPMS -constexpr int32_t NETSYS_SOCKET_GROUPID = 1097; +constexpr int32_t NETSYS_SOCKET_GROUPID = 1099; #endif int32_t GetUserIdByUid(int32_t uid) { -- Gitee From 09ed9df6b7e0d2a6c38e9ebfc3966070f0095c33 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Wed, 7 Jun 2023 11:54:08 +0800 Subject: [PATCH 14/16] modify to special group Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 1b43eb79081..285b071bf25 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -127,7 +127,7 @@ constexpr int32_t ROOT_UID = 0; constexpr int32_t FOUNDATION_UID = 5523; constexpr int32_t DEFAULT_USER_ID = 0; #ifdef APP_MGR_SERVICE_APPMS -constexpr int32_t NETSYS_SOCKET_GROUPID = 1099; +constexpr int32_t NETSYS_SOCKET_GROUPID = 1097; #endif int32_t GetUserIdByUid(int32_t uid) { -- Gitee From dddb45ffe7b05ab71bd8df02888d45543c6a004c Mon Sep 17 00:00:00 2001 From: handf0830 Date: Thu, 8 Jun 2023 18:48:06 +0800 Subject: [PATCH 15/16] use local variable Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 285b071bf25..65b3e578151 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp 
@@ -1661,6 +1661,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str uint8_t setAllowInternet = 0; uint8_t allowInternet = 1; auto token = bundleInfo.applicationInfo.accessTokenId; + std::vector gids; { // Add TRACE HITRACE_METER_NAME(HITRACE_TAG_APP, "AccessTokenKit::VerifyAccessToken"); @@ -1674,7 +1675,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str } else { auto ret = SetInternetPermission(bundleInfo.uid, 1); HILOG_DEBUG("SetInternetPermission, ret = %{public}d", ret); - bundleInfo.gids.push_back(NETSYS_SOCKET_GROUPID); + gids.push_back(NETSYS_SOCKET_GROUPID); #endif } @@ -1690,7 +1691,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str AppSpawnStartMsg startMsg; startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; - startMsg.gids = bundleInfo.gids; + startMsg.gids = gids; startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; startMsg.bundleName = bundleName; -- Gitee From 3c987833c0d28947ebe0bbc0546dcaee597ee8e9 Mon Sep 17 00:00:00 2001 From: handf0830 Date: Fri, 30 Jun 2023 15:42:00 +0800 Subject: [PATCH 16/16] just for test Signed-off-by: handf0830 --- services/appmgr/src/app_mgr_service_inner.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index 65b3e578151..f3fc2eba4d4 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp 
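Review bot: With `startMsg.gids = gids;` the spawn message carries only the locally built vector, so the groups from `bundleInfo.gids` that PATCH 01 started forwarding are no longer sent to appspawn. If that is intended, so that only groups derived from a permission check are granted, say so at the declaration, e.g. `// supplementary groups granted from permission checks; bundleInfo.gids is deliberately not forwarded`. `gids` is filled only between `#ifdef APP_MGR_SERVICE_APPMS` and `#endif`, so without the macro the message always carries an empty list. This note covers all three hunks of the patch.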
@@ -1691,7 +1691,7 @@ void AppMgrServiceInner::StartProcess(const std::string &appName, const std::str AppSpawnStartMsg startMsg; startMsg.uid = bundleInfo.uid; startMsg.gid = bundleInfo.gid; - startMsg.gids = gids; + //startMsg.gids = gids; startMsg.accessTokenId = bundleInfo.applicationInfo.accessTokenId; startMsg.apl = bundleInfo.applicationInfo.appPrivilegeLevel; startMsg.bundleName = bundleName; -- Gitee
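Review bot: Commenting out `startMsg.gids = gids;` leaves the permission branch still building `gids` while nothing sends it, so apps that hold the permission are spawned without the socket group even though the code reads as if the grant were active. The subject says "just for test"; either restore the assignment, or remove the `gids` vector and its `push_back` along with it rather than keeping `//startMsg.gids = gids;` as dead code. If the grant is moving elsewhere, a one-line comment naming that place is enough.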