Tag hostapd binary with CAP_NET_ADMIN | CAP_NET_RAW Bug: 30041118 Change-Id: I14d1fd601fc4bce12c563a2004e91bd8ba0f42c3 Test: hostapd can start as the wifi user with these capabilities. (cherry picked from commit 25024901781db197880fc398e43c76008ecde524) (cherry picked from commit a76088362ec4bb6ee91820dab7dbf225e43baa83)

commit: 6f8e12e6fc7c66b11ef731dc3a40deb2dd551afd [log] [tgz]
author: Christopher Wiley <wiley@google.com> Tue Jul 12 14:30:21 2016 -0700
committer: Mitchell Wills <mwills@google.com> Wed Sep 07 13:30:23 2016 -0700
tree: 39b4a510d95ffea8fda4e5ccd8dcbd6838e21174
parent: 3b80e5bc9f356cdab14982563b1edb5654fd8e70 [diff] [blame]
diff --git a/libcutils/fs_config.c b/libcutils/fs_config.c
index 840ac86..2922ec4 100644
--- a/libcutils/fs_config.c
+++ b/libcutils/fs_config.c

@@ -142,6 +142,10 @@
     { 00750, AID_ROOT,      AID_SHELL,     CAP_MASK_LONG(CAP_SETUID) | CAP_MASK_LONG(CAP_SETGID), "system/bin/run-as" },
     { 00700, AID_SYSTEM,    AID_SHELL,     CAP_MASK_LONG(CAP_BLOCK_SUSPEND), "system/bin/inputflinger" },
 
+    /* Support hostapd administering a network interface. */
+    { 00755, AID_WIFI,      AID_WIFI,     CAP_MASK_LONG(CAP_NET_ADMIN) |
+                                          CAP_MASK_LONG(CAP_NET_RAW),    "system/bin/hostapd" },
+
     { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/uncrypt" },
     { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/install-recovery.sh" },
     { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/*" },
commit	6f8e12e6fc7c66b11ef731dc3a40deb2dd551afd	[log] [tgz]
author	Christopher Wiley <wiley@google.com>	Tue Jul 12 14:30:21 2016 -0700
committer	Mitchell Wills <mwills@google.com>	Wed Sep 07 13:30:23 2016 -0700
tree	39b4a510d95ffea8fda4e5ccd8dcbd6838e21174
parent	3b80e5bc9f356cdab14982563b1edb5654fd8e70 [diff] [blame]