From: Jiung <jiung.yu@samsung.com>
Date: Tue, 24 Oct 2017 05:32:06 +0000 (+0900)
Subject: Add capabilities to run a charon IPsec daemon
X-Git-Tag: submit/tizen/20171030.235228~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ef3acbafbed9f04abb95eb817313d388cb3e87aa;p=platform%2Fupstream%2Fconnman.git

Add capabilities to run a charon IPsec daemon

Change-Id: If32cff2a0e60d7e50d2b4cd5669536267d4bef4c
Signed-off-by: Yu jiung <jiung.yu@samsung.com>
---

diff --git a/src/connman.service.in b/src/connman.service.in
index cc964e25..de1b37dc 100755
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -12,7 +12,7 @@ Restart=on-failure
 SmackProcessLabel=System
 ExecStart=@bindir@/connmand -n --noplugin vpn
 StandardOutput=null
-Capabilities=cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
+Capabilities=cap_setgid,cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
 SecureBits=keep-caps
 
 [Install]
diff --git a/vpn/connman-vpn.service.in b/vpn/connman-vpn.service.in
index a4c294ec..32d2d142 100755
--- a/vpn/connman-vpn.service.in
+++ b/vpn/connman-vpn.service.in
@@ -11,7 +11,7 @@ BusName=net.connman.vpn
 SmackProcessLabel=System
 ExecStart=@bindir@/connman-vpnd -n
 StandardOutput=null
-Capabilities=cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
+Capabilities=cap_setgid,cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
 SecureBits=keep-caps
 
 [Install]