Add cap_sys_chroot to launchpad-process-pool

- It is needed to support "Debug Attach" used by gdbserver.

Change-Id: I1ec73238bd3b2294b6a3b1600e1460921c047a43

diff --git a/config/set_capability b/config/set_capability
index 5de3fcda10c253a02432bd2291ed317f28015b2e..a05937264dabc2427c25bf374672d36f20d4cf62 100755 (executable)
--- a/config/set_capability
+++ b/config/set_capability
@@ -399,16 +399,17 @@ fi
 # Package               platform/core/appfw/launchpad
 # Owner                 Junghoon Park(jh9216.park@samsung.com)
 # Date                  July 4, 2017
-# Required              /usr/bin/launchpad-process-pool : cap_mac_admin, cap_dac_override, cap_setgid, cap_sys_admin, cap_sys_nice : ei
+# Required              /usr/bin/launchpad-process-pool : cap_mac_admin, cap_dac_override, cap_setgid, cap_sys_admin, cap_sys_nice, cap_sys_chroot : ei
 # Required              /usr/bin/launchpad-loader : cap_sys_admin,cap_sys_nice,cap_setgid : ei
 # cap_mac_admin                to use security_manager_prepare_app()
 # cap_dac_override      fd redirection in debug mode of app running
 # cap_setgid           to use security_manager_prepare_app()
 # cap_sys_admin                to split mount namespace
 # cap_sys_nice         to change scheduling priority
+# cap_sys_chroot       to use setns()
 
 if [ -e "/usr/bin/launchpad-process-pool" ]
-then /usr/sbin/setcap cap_sys_admin,cap_sys_nice,cap_mac_admin,cap_dac_override,cap_setgid=ei /usr/bin/launchpad-process-pool
+then /usr/sbin/setcap cap_sys_admin,cap_sys_nice,cap_mac_admin,cap_dac_override,cap_setgid,cap_sys_chroot=ei /usr/bin/launchpad-process-pool
 fi
 
 # TODO : condition check about launchpad-starter is temporary