Merge change 5852 into donut

* changes: rootdir: Modify init.rc to run mtpd/racoon as a non-root user.
author: Android (Google) Code Review <android-gerrit@google.com> 2009-06-30 19:37:05 -0700
committer: Android (Google) Code Review <android-gerrit@google.com> 2009-06-30 19:37:05 -0700
commit: 5c49135b032235f82560d5e55b0e4c547506516b (patch)
tree: 6070d08838abea54d638b5ca05f04632cd5a2c10
parent: 9ad18f0576f1945419d31b56fea6987210521c35 (diff)
parent: 51afbf583819f3bdfc96f3c66c9c3444803e792a (diff)
download: core-5c49135b032235f82560d5e55b0e4c547506516b.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 23ee1c8a5..ac066fad2 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -286,13 +286,17 @@ service installd /system/bin/installd
 service flash_recovery /system/bin/flash_image recovery /system/recovery.img
     oneshot
 
-service racoon /system/bin/racoon -F -f /etc/racoon/racoon.conf
+service racoon /system/bin/racoon
     socket racoon stream 600 system system
+    # racoon will setuid to vpn after getting necessary resources.
+    group net_admin keystore
     disabled
     oneshot
 
 service mtpd /system/bin/mtpd
     socket mtpd stream 600 system system
+    user vpn
+    group vpn net_admin net_raw
     disabled
     oneshot
author	Android (Google) Code Review <android-gerrit@google.com>	2009-06-30 19:37:05 -0700
committer	Android (Google) Code Review <android-gerrit@google.com>	2009-06-30 19:37:05 -0700
commit	5c49135b032235f82560d5e55b0e4c547506516b (patch)
tree	6070d08838abea54d638b5ca05f04632cd5a2c10
parent	9ad18f0576f1945419d31b56fea6987210521c35 (diff)
parent	51afbf583819f3bdfc96f3c66c9c3444803e792a (diff)
download	core-5c49135b032235f82560d5e55b0e4c547506516b.tar.gz