From 3b9fd5ffcd3badffc08e3e71ba4cc41d3a73c9e4 Mon Sep 17 00:00:00 2001
From: Alex Klyubin <klyubin@google.com>
Date: Thu, 9 May 2013 17:03:16 -0700
Subject: [PATCH] SELinux policy: let adbd drop Linux capabilities.

Change-Id: Id41891b89c7b067919cbda06ab97d5eff2ad044f
---
 adbd.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/adbd.te b/adbd.te
index c565bd75e..8420298a3 100644
--- a/adbd.te
+++ b/adbd.te
@@ -3,7 +3,7 @@
 type adbd, domain, mlstrustedsubject;
 allow adbd adb_device:chr_file rw_file_perms;
 allow adbd qemu_device:chr_file rw_file_perms;
-allow adbd self:capability { net_raw setgid setuid dac_override sys_boot sys_admin };
+allow adbd self:capability { net_raw setgid setuid setpcap dac_override sys_boot sys_admin };
 allow adbd rootfs:file { r_file_perms entrypoint };
 allow adbd init:process sigchld;
 allow adbd self:tcp_socket *;
-- 
GitLab