Merge "racoon: Use capabilities instead of GIDs." am: 4891688cc1 am: cf00477f3f am: aa1f33ca3c

am: 71ced1d554 Change-Id: I98d12e5d00d054f1ed14eec597d57f862a7aa851
author: Jorge Lucangeli Obes <jorgelo@google.com> 2017-01-12 16:54:22 +0000
committer: android-build-merger <android-build-merger@google.com> 2017-01-12 16:54:22 +0000
commit: 3fa4ac31eba394604539c344a25af895cf2b8ed1 (patch)
tree: 42fdfe4a68e1894d6d7b3b456b692caefacc3a09
parent: 13457d730f22f52ca60908b9845ea00dc8633546 (diff)
parent: 71ced1d554e1477e84f5dd09744e16947d205156 (diff)
download: ipsec-tools-3fa4ac31eba394604539c344a25af895cf2b8ed1.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/racoon.rc b/racoon.rc
index 2d2a8f2..2feb5ae 100644
--- a/racoon.rc
+++ b/racoon.rc
@@ -2,6 +2,7 @@ service racoon /system/bin/racoon
     class main
     socket racoon stream 600 system system
     # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
-    group vpn net_admin inet
+    group vpn inet
+    capabilities NET_ADMIN
     disabled
     oneshot
author	Jorge Lucangeli Obes <jorgelo@google.com>	2017-01-12 16:54:22 +0000
committer	android-build-merger <android-build-merger@google.com>	2017-01-12 16:54:22 +0000
commit	3fa4ac31eba394604539c344a25af895cf2b8ed1 (patch)
tree	42fdfe4a68e1894d6d7b3b456b692caefacc3a09
parent	13457d730f22f52ca60908b9845ea00dc8633546 (diff)
parent	71ced1d554e1477e84f5dd09744e16947d205156 (diff)
download	ipsec-tools-3fa4ac31eba394604539c344a25af895cf2b8ed1.tar.gz