Merge "racoon: Use capabilities instead of GIDs."android-n-mr2-preview-1

author: Treehugger Robot <treehugger-gerrit@google.com> 2017-01-12 16:34:42 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2017-01-12 16:34:43 +0000
commit: 4891688cc11a63f5ca218b29dc4bbe2342e44158 (patch)
tree: 42fdfe4a68e1894d6d7b3b456b692caefacc3a09
parent: 00d1181e9b14b977dc77e76f10f4a882fafc218f (diff)
parent: c7ba7d08564426f2d437662248f23ae31ad91bf3 (diff)
download: ipsec-tools-4891688cc11a63f5ca218b29dc4bbe2342e44158.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/racoon.rc b/racoon.rc
index 2d2a8f2..2feb5ae 100644
--- a/racoon.rc
+++ b/racoon.rc
@@ -2,6 +2,7 @@ service racoon /system/bin/racoon
     class main
     socket racoon stream 600 system system
     # IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
-    group vpn net_admin inet
+    group vpn inet
+    capabilities NET_ADMIN
     disabled
     oneshot
author	Treehugger Robot <treehugger-gerrit@google.com>	2017-01-12 16:34:42 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2017-01-12 16:34:43 +0000
commit	4891688cc11a63f5ca218b29dc4bbe2342e44158 (patch)
tree	42fdfe4a68e1894d6d7b3b456b692caefacc3a09
parent	00d1181e9b14b977dc77e76f10f4a882fafc218f (diff)
parent	c7ba7d08564426f2d437662248f23ae31ad91bf3 (diff)
download	ipsec-tools-4891688cc11a63f5ca218b29dc4bbe2342e44158.tar.gz