Source: android_filesystem_config.h
GitHub AOSP mirror: android_filesystem_config.h
Name | Id | Description |
---|---|---|
AID_ROOT | 0 | traditional unix root user |
AID_DAEMON | 1 | Traditional unix daemon owner. |
AID_BIN | 2 | Traditional unix binaries owner. |
AID_SYS | 3 | A group with the same gid on Linux/macOS/Android. |
AID_SYSTEM | 1000 | system server |
AID_RADIO | 1001 | telephony subsystem, RIL |
AID_BLUETOOTH | 1002 | bluetooth subsystem |
AID_GRAPHICS | 1003 | graphics devices |
AID_INPUT | 1004 | input devices |
AID_AUDIO | 1005 | audio devices |
AID_CAMERA | 1006 | camera devices |
AID_LOG | 1007 | log devices |
AID_COMPASS | 1008 | compass device |
AID_MOUNT | 1009 | mountd socket |
AID_WIFI | 1010 | wifi subsystem |
AID_ADB | 1011 | android debug bridge (adbd) |
AID_INSTALL | 1012 | group for installing packages |
AID_MEDIA | 1013 | mediaserver process |
AID_DHCP | 1014 | dhcp client |
AID_SDCARD_RW | 1015 | external storage write access |
AID_VPN | 1016 | vpn system |
AID_KEYSTORE | 1017 | keystore subsystem |
AID_USB | 1018 | USB devices |
AID_DRM | 1019 | DRM server |
AID_MDNSR | 1020 | MulticastDNSResponder (service discovery) |
AID_GPS | 1021 | GPS daemon |
AID_UNUSED1 | 1022 | deprecated, DO NOT USE |
AID_MEDIA_RW | 1023 | internal media storage write access |
AID_MTP | 1024 | MTP USB driver access |
AID_UNUSED2 | 1025 | deprecated, DO NOT USE |
AID_DRMRPC | 1026 | group for drm rpc |
AID_NFC | 1027 | nfc subsystem |
AID_SDCARD_R | 1028 | external storage read access |
AID_CLAT | 1029 | clat part of nat464 |
AID_LOOP_RADIO | 1030 | loop radio devices |
AID_MEDIA_DRM | 1031 | MediaDrm plugins |
AID_PACKAGE_INFO | 1032 | access to installed package details |
AID_SDCARD_PICS | 1033 | external storage photos access |
AID_SDCARD_AV | 1034 | external storage audio/video access |
AID_SDCARD_ALL | 1035 | access all users external storage |
AID_LOGD | 1036 | log daemon |
AID_SHARED_RELRO | 1037 | creator of shared GNU RELRO files |
AID_DBUS | 1038 | dbus-daemon IPC broker process |
AID_TLSDATE | 1039 | tlsdate unprivileged user |
AID_MEDIA_EX | 1040 | mediaextractor process |
AID_AUDIOSERVER | 1041 | audioserver process |
AID_METRICS_COLL | 1042 | metrics_collector process |
AID_METRICSD | 1043 | metricsd process |
AID_WEBSERV | 1044 | webservd process |
AID_DEBUGGERD | 1045 | debuggerd unprivileged user |
AID_MEDIA_CODEC | 1046 | mediacodec process |
AID_CAMERASERVER | 1047 | cameraserver process |
AID_FIREWALL | 1048 | firewalld process |
AID_TRUNKS | 1049 | trunksd process (TPM daemon) |
AID_NVRAM | 1050 | Access-controlled NVRAM |
AID_DNS | 1051 | DNS resolution daemon (system: netd) |
AID_DNS_TETHER | 1052 | DNS resolution daemon (tether: dnsmasq) |
AID_WEBVIEW_ZYGOTE | 1053 | WebView zygote process |
AID_VEHICLE_NETWORK | 1054 | Vehicle network service |
AID_MEDIA_AUDIO | 1055 | GID for audio files on internal media storage |
AID_MEDIA_VIDEO | 1056 | GID for video files on internal media storage |
AID_MEDIA_IMAGE | 1057 | GID for image files on internal media storage |
AID_TOMBSTONED | 1058 | tombstoned user |
AID_MEDIA_OBB | 1059 | GID for OBB files on internal media storage |
AID_ESE | 1060 | embedded secure element (eSE) subsystem |
AID_OTA_UPDATE | 1061 | resource tracking UID for OTA updates |
AID_AUTOMOTIVE_EVS | 1062 | Automotive rear and surround view system |
AID_LOWPAN | 1063 | LoWPAN subsystem |
AID_HSM | 1064 | hardware security module subsystem |
AID_RESERVED_DISK | 1065 | GID that has access to reserved disk space |
AID_STATSD | 1066 | statsd daemon |
AID_INCIDENTD | 1067 | incidentd daemon |
AID_SECURE_ELEMENT | 1068 | secure element subsystem |
AID_LMKD | 1069 | low memory killer daemon |
AID_LLKD | 1070 | live lock daemon |
AID_IORAPD | 1071 | input/output readahead and pin daemon |
AID_GPU_SERVICE | 1072 | GPU service daemon |
AID_NETWORK_STACK | 1073 | network stack service |
AID_GSID | 1074 | GSI service daemon |
AID_FSVERITY_CERT | 1075 | fs-verity key ownership in keystore |
AID_CREDSTORE | 1076 | identity credential manager service |
AID_EXTERNAL_STORAGE | 1077 | Full external storage access including USB OTG volumes |
AID_EXT_DATA_RW | 1078 | GID for app-private data directories on external storage |
AID_EXT_OBB_RW | 1079 | GID for OBB directories on external storage |
AID_CONTEXT_HUB | 1080 | GID for access to the Context Hub |
AID_VIRTUALIZATIONSERVICE | 1081 | VirtualizationService daemon |
AID_ARTD | 1082 | ART Service daemon |
AID_UWB | 1083 | UWB subsystem |
AID_THREAD_NETWORK | 1084 | Thread Network subsystem |
AID_DICED | 1085 | Android's DICE daemon |
AID_DMESGD | 1086 | dmesg parsing daemon for kernel report collection |
AID_JC_WEAVER | 1087 | Javacard Weaver HAL - to manage omapi ARA rules |
AID_JC_STRONGBOX | 1088 | Javacard Strongbox HAL - to manage omapi ARA rules |
AID_JC_IDENTITYCRED | 1089 | Javacard Identity Cred HAL - to manage omapi ARA rules |
AID_SDK_SANDBOX | 1090 | SDK sandbox virtual UID |
AID_SECURITY_LOG_WRITER | 1091 | write to security log |
AID_PRNG_SEEDER | 1092 | PRNG seeder daemon |
AID_SHELL | 2000 | adb and debug shell user |
AID_CACHE | 2001 | cache access |
AID_DIAG | 2002 | access to diagnostic resources |
AID_OEM_RESERVED_START | 2900 | |
AID_OEM_RESERVED_END | 2999 | |
AID_NET_BT_ADMIN | 3001 | bluetooth: create any socket |
AID_NET_BT | 3002 | bluetooth: create sco, rfcomm or l2cap sockets |
AID_INET | 3003 | can create AF_INET and AF_INET6 sockets |
AID_NET_RAW | 3004 | can create raw INET sockets |
AID_NET_ADMIN | 3005 | can configure interfaces and routing tables. |
AID_NET_BW_STATS | 3006 | read bandwidth statistics |
AID_NET_BW_ACCT | 3007 | change bandwidth statistics accounting |
AID_READPROC | 3009 | Allow /proc read access |
AID_WAKELOCK | 3010 | Allow system wakelock read/write access |
AID_UHID | 3011 | Allow read/write to /dev/uhid node |
AID_READTRACEFS | 3012 | Allow tracefs read |
AID_OEM_RESERVED_2_START | 5000 | |
AID_OEM_RESERVED_2_END | 5999 | |
AID_SYSTEM_RESERVED_START | 6000 | |
AID_SYSTEM_RESERVED_END | 6499 | |
AID_ODM_RESERVED_START | 6500 | |
AID_ODM_RESERVED_END | 6999 | |
AID_PRODUCT_RESERVED_START | 7000 | |
AID_PRODUCT_RESERVED_END | 7499 | |
AID_SYSTEM_EXT_RESERVED_START | 7500 | |
AID_SYSTEM_EXT_RESERVED_END | 7999 | |
AID_EVERYBODY | 9997 | shared between all apps in the same profile |
AID_MISC | 9998 | access to misc storage |
AID_NOBODY | 9999 | |
AID_APP | 10000 | TODO: switch users over to AID_APP_START |
AID_APP_START | 10000 | first app user |
AID_APP_END | 19999 | last app user |
AID_CACHE_GID_START | 20000 | start of gids for apps to mark cached data |
AID_CACHE_GID_END | 29999 | end of gids for apps to mark cached data |
AID_EXT_GID_START | 30000 | start of gids for apps to mark external data |
AID_EXT_GID_END | 39999 | end of gids for apps to mark external data |
AID_EXT_CACHE_GID_START | 40000 | start of gids for apps to mark external cached data |
AID_EXT_CACHE_GID_END | 49999 | end of gids for apps to mark external cached data |
AID_SHARED_GID_START | 50000 | start of gids for apps in each user to share |
AID_SHARED_GID_END | 59999 | end of gids for apps in each user to share |
AID_OVERFLOWUID | 65534 | unmapped user in the user namespace |
AID_SDK_SANDBOX_PROCESS_START | 20000 | start of uids allocated to sdk sandbox processes |
AID_SDK_SANDBOX_PROCESS_END | 29999 | end of uids allocated to sdk sandbox processes |
AID_ISOLATED_START | 90000 | start of uids for fully isolated sandboxed processes |
AID_ISOLATED_END | 99999 | end of uids for fully isolated sandboxed processes |
AID_USER | 100000 | TODO: switch users over to AID_USER_OFFSET |
AID_USER_OFFSET | 100000 | offset for uid ranges for each user |