give cap_dac_override to network modules

- cap_dac_override is required to access bridge device

Change-Id: I3f2bb5e1f58df4cbb692546053bb2f2617573af4

diff --git a/config/set_capability b/config/set_capability
index f1bd3232b9b22f286e287a8bd24ab4c68e7f6019..b763cc5460e9e18ed2a531270b6dc7d40df345bb 100755 (executable)
--- a/config/set_capability
+++ b/config/set_capability
@@ -178,9 +178,14 @@ fi
 # cap_net_bind_service to execute bind() function
 # cap_net_broadcast    to make socket broadcasts, and listen to multicasts
 # cap_net_raw          to use RAW socket
+# cap_dac_override     to access bridge device
 
 if [ -e "/usr/bin/connmand" ]
-then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=ei /usr/bin/connmand
+then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_dac_override=ei /usr/bin/connmand
+fi
+
+if [ -e "/usr/bin/connman-vpnd" ]
+then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_dac_override=ei /usr/bin/connman-vpnd
 fi
 
 # Package              net-config
@@ -200,9 +205,10 @@ fi
 # Required             cap_net_admin, cap_net_raw
 # cap_net_admin                to add interface flags and configure the interface using ioctl and driver commands
 # cap_net_raw          to use RAW socket
+# cap_dac_override     to access bridge device
 
 if [ -e "/usr/bin/wpa_supplicant" ]
-then /usr/sbin/setcap cap_net_admin,cap_net_raw=ei /usr/bin/wpa_supplicant
+then /usr/sbin/setcap cap_net_admin,cap_net_raw,cap_dac_override=ei /usr/bin/wpa_supplicant
 fi
 
 # Package              mobileap-agent
@@ -230,9 +236,10 @@ fi
 # cap_net_bind_service         to call bind
 # cap_net_raw          to use RAW socket
 # cap_fowner           network interface configruration
+# cap_dac_override     to access bridge device
 
 if [ -e "/usr/bin/hostapd" ]
-then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_raw,cap_fowner=eip /usr/bin/hostapd
+then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_raw,cap_fowner,cap_dac_override=eip /usr/bin/hostapd
 fi
 
 # Package              dnsmasq
@@ -425,10 +432,11 @@ fi
 # Required              cap_net_admin, cap_net_raw
 # cap_net_admin                for network interface up/down
 # cap_net_raw          to use raw socket
+# cap_dac_override     to access bridge device
 
 # some profiles create the symlink to telephony-daemon
 if [ -e "/usr/bin/telephony-daemon" ]
-then /usr/sbin/setcap cap_net_admin,cap_net_raw=ei $(/usr/bin/readlink -f /usr/bin/telephony-daemon)
+then /usr/sbin/setcap cap_net_admin,cap_net_raw,cap_dac_override=ei $(/usr/bin/readlink -f /usr/bin/telephony-daemon)
 fi
 
 # Package               platform/core/system/session-utils
@@ -526,9 +534,10 @@ fi
 # Owner                 Saerome Kim(saerome.kim@samsung.com)
 # Date                  Aug 11, 2017
 # Required              cap_net_raw, cap_net_admin
+# cap_dac_override     to access bridge device
 
 if [ -e "/usr/bin/wmeshd" ]
-then /usr/sbin/setcap cap_net_raw,cap_net_admin=ei /usr/bin/wmeshd
+then /usr/sbin/setcap cap_net_raw,cap_net_admin,cap_dac_override=ei /usr/bin/wmeshd
 fi
 
 # Package               platform/core/security/ode
@@ -546,6 +555,16 @@ if [ -e "/usr/bin/oded" ]
 then /usr/sbin/setcap cap_dac_override,cap_sys_admin,cap_sys_boot,cap_sys_ptrace,cap_kill=ei /usr/bin/oded
 fi
 
+# Package               platform/upstream/bluez
+# Owner                 Saerome Kim(saerome.kim@samsung.com saerome.kim@samsung.com )
+# Date                  Nov 24, 2017
+# Required              cap_dac_override, cap_sys_admin, cap_sys_boot, cap_sys_ptrace, cap_kill
+# cap_dac_override     to access bridge device
+
+if [ -e "/usr/libexec/bluetooth/bluetoothd" ]
+then /usr/sbin/setcap cap_dac_override=ei /usr/libexec/bluetooth/bluetoothd
+fi
+
 # TODO: MOVE TO OTHER SCRIPT OR REMOVE
 # Requested by sooyeon.kim@samsung.com
 if [ -e "/etc/skel/share/.voice" ]