if [ -e "/usr/bin/deviced-vibrator" ]
then /usr/sbin/setcap cap_dac_override=eip /usr/bin/deviced-vibrator
fi
+
+# Package connmand
+# Owner Hyunuk Tak(hyunuk.tak@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override,cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw
+# cap_dac_override to access ip address files in sys and proc file system
+# cap_net_admin network interface configruration
+# cap_net_bind_service to execute bind() function
+# cap_net_broadcast to make socket broadcasts, and listen to multicasts
+# cap_net_raw to use RAW socket
+
+if [ -e "/usr/sbin/connmand" ]
+then /usr/sbin/setcap cap_dac_override,cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=eip /usr/sbin/connmand
+fi
+
+# Package net-config
+# Owner Hyunuk Tak(hyunuk.tak@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override, cap_net_admin
+# cap_dac_override create log file inside /var/log directory
+# cap_net_admin scan wifi AP
+
+if [ -e "/usr/sbin/net-config" ]
+then /usr/sbin/setcap cap_dac_override,cap_net_admin=eip /usr/sbin/net-config
+fi
+
+# Package wpa_supplicant
+# Onwer Hyunuk Tak(hyunuk.tak@samsung.com)
+# Date Oct 7, 2016
+# Required cap_net_admin, cap_net_raw
+# cap_net_admin network interface configruration
+# cap_net_raw to use RAW socket
+
+if [ -e "/usr/sbin/wpa_supplicant" ]
+then /usr/sbin/setcap cap_net_admin,cap_net_raw=eip /usr/sbin/wpa_supplicant
+fi
+
+# Package mobileap-agent
+# Onwer Seonah Moon(seonah1.moon@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override, cap_fowner, cap_net_admin, cap_net_bind_service
+# cap_dac_override network interface configruration
+# cap_fowner network interface configruration
+# cap_net_admin to use ioctl socket
+# cap_net_bind_service to call bind
+
+if [ -e "/usr/bin/mobileap-agent" ]
+then /usr/sbin/setcap cap_dac_override,cap_fowner,cap_net_admin,cap_net_bind_service=eip /usr/bin/mobileap-agent
+fi
+
+# Package wpa_supplicant
+# Onwer Seonah Moon(seonah1.moon@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override, cap_net_admin, cap_net_bind_service, cap_net_raw, cap_fowner
+# cap_dac_override network interface configruration
+# cap_net_admin to use ioctl socket
+# cap_net_bind_service to call bind
+# cap_net_raw to use RAW socket
+# cap_fowner network interface configruration
+
+if [ -e "/usr/sbin/hostapd" ]
+then /usr/sbin/setcap cap_dac_override,cap_net_admin,cap_net_bind_service,cap_net_raw,cap_fowner=eip /usr/sbin/hostapd
+fi
+
+# Package dnsmasq
+# Onwer Seonah Moon(seonah1.moon@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override, cap_net_bind_service, cap_net_broadcast, cap_net_admin
+# Capability Bit only effective and inheriable
+# cap_dac_override network interface configruration
+# cap_net_admin to use ioctl socket
+# cap_net_bind_service to call bind
+# cap_net_broadcast to make socket broadcasts, and listen to multicasts
+
+if [ -e "/usr/bin/dnsmasq" ]
+then /usr/sbin/setcap cap_dac_override,cap_net_admin,cap_net_bind_service,cap_net_broadcast=ei /usr/bin/dnsmasq
+fi
+
+# Package iproute2
+# Onwer Seonah Moon(seonah1.moon@samsung.com)
+# Date Oct 7, 2016
+# Required cap_net_admin
+# Capability Bit only effective and inheriable
+# cap_net_admin to use ioctl socket
+
+if [ -e "/usr/sbin/ip" ]
+then /usr/sbin/setcap cap_net_admin=ei /usr/sbin/ip
+fi
+
+# Package iptables
+# Onwer Seonah Moon(seonah1.moon@samsung.com)
+# Date Oct 7, 2016
+# Required cap_dac_override, cap_sys_admin, cap_net_admin, cap_net_raw
+# Capability Bit only effective and inheriable
+# cap_dac_override network interface configruration
+# cap_net_admin to use ioctl socket
+# cap_net_raw to use RAW socket
+# cap_sys_admin to initialize iptables table
+
+if [ -e "/usr/sbin/xtables-multi" ]
+then /usr/sbin/setcap cap_dac_override,cap_net_admin,cap_net_raw,cap_sys_admin=ei /usr/sbin/xtables-multi
+fi
projects / platform / core / security / security-config.git / commitdiff