From 40ce0bb81bb496daf27f36a887b133c9f277f2fc Mon Sep 17 00:00:00 2001 From: Nick Kralevich <nnk@google.com> Date: Sat, 11 Jan 2014 14:11:45 -0800 Subject: [PATCH] allow adbd setpcap adbd uses setpcap to drop capabilities from the bounding set on user builds. See system/core commit 080427e4e2b1b72718b660e16b6cf38b3a3c4e3f Change-Id: I6aec8d321b8210ea50a56aeee9bc94738514beab --- adbd.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/adbd.te b/adbd.te index b44cd98e1..c475a76f6 100644 --- a/adbd.te +++ b/adbd.te @@ -12,6 +12,9 @@ allow adbd shell:process noatsecure; # Set UID and GID to shell. Set supplementary groups. allow adbd self:capability { setuid setgid }; +# Drop capabilities from bounding set on user builds. +allow adbd self:capability setpcap; + # Create and use network sockets. net_domain(adbd) -- GitLab