# cap_sys_admin remount at rpm installation
if [ -e "/usr/sbin/sdbd" ]
-then /usr/sbin/setcap cap_setuid,cap_setgid,cap_dac_override,cap_sys_admin=eip /usr/sbin/sdbd
+then /usr/sbin/setcap cap_setuid,cap_setgid,cap_dac_override,cap_sys_admin=ei /usr/sbin/sdbd
fi
# Package alarm-server
# cap_fowner use chmod API
if [ -e "/usr/bin/tpk-backend" ]
-then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=eip /usr/bin/tpk-backend
+then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=ei /usr/bin/tpk-backend
fi
# Package wgt-backend
# cap_fowner use chmod API
if [ -e "/usr/bin/wgt-backend" ]
-then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=eip /usr/bin/wgt-backend
+then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=ei /usr/bin/wgt-backend
fi
# Package xdelta3
# Package connmand
# Owner Hyunuk Tak(hyunuk.tak@samsung.com)
# Date Oct 7, 2016
-# Required cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw
+# Required cap_dac_override,cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw
# cap_net_admin to add interface flags and make the interface UP/DOWN using ioctl
# cap_net_bind_service to execute bind() function
# cap_net_broadcast to make socket broadcasts, and listen to multicasts
# cap_net_admin to use ioctl socket
# cap_net_bind_service to call bind
# cap_net_raw to use RAW socket
-# cap_fowner network interface configruration
# cap_dac_override to access bridge device
if [ -e "/usr/bin/hostapd" ]
-then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_raw,cap_fowner,cap_dac_override=eip /usr/bin/hostapd
+then /usr/sbin/setcap cap_net_admin,cap_net_bind_service,cap_net_raw,cap_dac_override=eip /usr/bin/hostapd
fi
# Package dnsmasq
# Owner Seonah Moon(seonah1.moon@samsung.com)
# Date April 11, 2016
# Required cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot
-# cap_fowner network interface configruration
# cap_net_bind_service to call bind
# cap_net_admin to use ioctl socket
# cap_sys_chroot to use root permission in spacific location
if [ -e "/usr/sbin/named" ]
-then /usr/sbin/setcap cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot=eip /usr/sbin/named
+then /usr/sbin/setcap cap_net_bind_service,cap_net_admin,cap_sys_chroot=ei /usr/sbin/named
fi
# Package tcpdump
# cap_dac_read_search to access pkg directory
if [ -e "/usr/bin/pkg_getsize" ]
-then /usr/sbin/setcap cap_dac_read_search=eip /usr/bin/pkg_getsize
+then /usr/sbin/setcap cap_dac_read_search=ei /usr/bin/pkg_getsize
fi
# Package platform/core/messaging/email-service
# TODO: REMOVED IN TIZEN 4.0
if [ -e "/usr/bin/pkg_cleardata" ]
-then /usr/sbin/setcap cap_dac_override=eip /usr/bin/pkg_cleardata
+then /usr/sbin/setcap cap_dac_override=ei /usr/bin/pkg_cleardata
fi
# Package platform/core/appfw/launchpad
# TODO : check the reason
if [ -e "/usr/bin/focus_server" ]
-then /usr/sbin/setcap cap_chown,cap_fowner,cap_lease=eip /usr/bin/focus_server
+then /usr/sbin/setcap cap_fowner,cap_lease=ei /usr/bin/focus_server
fi
if [ -e "/usr/bin/sound_server" ]
-then /usr/sbin/setcap cap_chown,cap_fowner,cap_lease=eip /usr/bin/sound_server
+then /usr/sbin/setcap cap_lease=ei /usr/bin/sound_server
fi
# Package platform/core/security/nether
projects / platform / core / security / security-config.git / commitdiff