From 40ce0bb81bb496daf27f36a887b133c9f277f2fc Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Sat, 11 Jan 2014 14:11:45 -0800
Subject: [PATCH] allow adbd setpcap

adbd uses setpcap to drop capabilities from the bounding
set on user builds. See system/core commit
080427e4e2b1b72718b660e16b6cf38b3a3c4e3f

Change-Id: I6aec8d321b8210ea50a56aeee9bc94738514beab
---
 adbd.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/adbd.te b/adbd.te
index b44cd98e1..c475a76f6 100644
--- a/adbd.te
+++ b/adbd.te
@@ -12,6 +12,9 @@ allow adbd shell:process noatsecure;
 # Set UID and GID to shell.  Set supplementary groups.
 allow adbd self:capability { setuid setgid };
 
+# Drop capabilities from bounding set on user builds.
+allow adbd self:capability setpcap;
+
 # Create and use network sockets.
 net_domain(adbd)
 
-- 
GitLab