diff options
author | Peter Qiu <zqiu@google.com> | 2015-09-28 13:42:48 -0700 |
---|---|---|
committer | Peter Qiu <zqiu@google.com> | 2015-09-29 20:09:19 +0000 |
commit | 56e03e7819eab800e077513451cb4fce68ec6066 (patch) | |
tree | faad2f9202c3a7d5ce845a87ae3718a3495453e9 | |
parent | 771952dc58b6e5eef5fcfe97a1ba2ac7881b2bfe (diff) | |
download | apmanager-56e03e7819eab800e077513451cb4fce68ec6066.tar.gz |
Do not run apmanager in minijail for now
When starting apmanager through Android's init system, the daemon
will be started under "system" user, and that's currently targeted
user for running apmanager. So there is no need to use minijail to
drop the user privileges to "system" user" again.
So skip this for now until we create a new user/group to run apmanager
under.
Bug: 22828115
TEST=Manual test on dragonboard
Change-Id: Ib37553126f9a9a4024a16f68d91d240ca855f55c
-rw-r--r-- | main.cc | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -123,9 +123,15 @@ void OnStartup(const char* daemon_name, base::CommandLine* cl) { LOG(INFO) << __func__ << ": Dropping privileges"; + // TODO(zqiu): apmanager is currently started as the "system" user on Android, + // so there is no need to drop privileges to the "system" user again. + // Drop user privileges when we're running apmanager under a different + // user/group. +#if !defined(__ANDROID__) // Now that the daemon has all the resources it needs to run, we can drop // privileges further. DropPrivileges(minijail); +#endif // __ANDROID } int main(int argc, char* argv[]) { |