author Jorge Lucangeli Obes <jorgelo@google.com> 2017-01-24 16:18:21 -0500
committer Jorge Lucangeli Obes <jorgelo@google.com> 2017-01-24 16:36:30 -0500
commit 918d4611096dbb72ea44f46c2d72ce2e36f38e3b (patch)
tree 650be76a3def7d7728400a7f43bac99f6ca7f252
parent 36db250fcc1cca4ca58516e6d203b820fdd27757 (diff)
mdnsd: Remove 'net_raw' GID.

The 'net_raw' GID is an Android addition that does not exist upstream.
It grants the CAP_NET_RAW capability. However, it does not appear to be
required for mdnsd. There are no raw sockets being created in the code:

mdnsresponder$ grep -R "socket(" *

shows no use of raw sockets.

As per 'man capabilities(7)', CAP_NET_RAW is used for:
"""
* use RAW and PACKET sockets;
* bind to any address for transparent proxying.
"""

Removing this use of 'net_raw' will allow us to drop the kernel patches
that grant CAP_NET_RAW with the 'net_raw' GID.

Bug: 33938230
Test: 'start mdnsd' works.
Test: Install "Bonjour Browser" app, do a scan.
Test: 'adb logcat -b all -d | grep mDNS' shows mDNSResponder starting.
Change-Id: Idb67788d56115c1b36a97c1962fd03eb26e82a68

-rw-r--r-- mdnsd.rc 2
1 files changed, 1 insertions, 1 deletions
diff --git a/mdnsd.rc b/mdnsd.rc
index 2f35e21..0696ac5 100644
--- a/mdnsd.rc
+++ b/mdnsd.rc
@@ -1,7 +1,7 @@
service mdnsd /system/bin/mdnsd
class main
user mdnsr
- group inet net_raw
+ group inet
socket mdnsd stream 0660 mdnsr inet
disabled
oneshot
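
Review bot: On the `group inet` line, the evidence given for dropping `net_raw` covers only the first of the two CAP_NET_RAW uses quoted in the commit message. The grep for "socket(" speaks to RAW and PACKET sockets, but nothing in the message addresses "bind to any address for transparent proxying", which would not show up as a distinct socket() call. Please state that the bind paths were checked as well, or add a Test line that exercises the daemon's bind on a device built without the kernel patches this change is meant to let you drop, since the listed tests only show that the service starts and answers a scan. The unchanged `socket mdnsd stream 0660 mdnsr inet` line names only `inet` as its group, so the control socket's ownership is unaffected by this removal.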