# For configuration files
mkdir -p %TZ_SYS_VAR/lib/wmesh
+chown network_fw:network_fw %TZ_SYS_VAR/lib/wmesh
%files
%manifest wmeshd.manifest
%license LICENSE
%defattr(-,root,root,-)
-%caps(cap_net_raw,cap_net_admin=eip) %attr(750,system,system) %{_bindir}/wmeshd
+%caps(cap_net_raw,cap_net_admin=ei) %attr(750,network_fw,network_fw) %{_bindir}/wmeshd
%if %{CHECK_WMESH_PRIVILEGE} == "True"
%config %{_sysconfdir}/dbus-1/system.d/wmeshd.conf
%endif
ExecStart=/usr/bin/wmeshd
CapabilityBoundingSet=~CAP_MAC_ADMIN
CapabilityBoundingSet=~CAP_MAC_OVERRIDE
+Capabilities=cap_net_admin,cap_net_raw=i
+SecureBits=keep-caps
#define HOSTAPD_BIN "/usr/sbin/hostapd"
#define HOSTAPD_DEBUG_FILE "/var/log/mesh_hostapd.log"
#define HOSTAPD_ENTROPY_FILE tzplatform_mkpath(TZ_SYS_VAR, "/lib/misc/hostapd.bin")
-#define HOSTAPD_MESH_CONF_FILE tzplatform_mkpath(TZ_SYS_VAR, "/lib/mesh/mesh_hostapd.conf")
+#define HOSTAPD_MESH_CONF_FILE tzplatform_mkpath(TZ_SYS_VAR, "/lib/wmesh/mesh_hostapd.conf")
#define HOSTAPD_CTRL_INTF_DIR tzplatform_mkpath(TZ_SYS_RUN, "/hostapd")
#define HOSTAPD_PID_FILE tzplatform_mkpath(TZ_SYS_RUN, "/.mesh_hostapd.pid")
#define HOSTAPD_ALLOWED_LIST tzplatform_mkpath(TZ_SYS_VAR, "/lib/hostapd/hostapd.accept")
fp = fopen(HOSTAPD_MESH_CONF_FILE, "w");
if (NULL == fp) {
- WMESH_LOGE("Could not create the file.");
+ WMESH_LOGE("Could not create the file [%s].", HOSTAPD_MESH_CONF_FILE);
g_free(conf);
return WMESHD_ERROR_IO_ERROR;
}