From 50aba5a5e3b1c521e63b884f1a22543d07633de3 Mon Sep 17 00:00:00 2001
From: Kidong Kim <kd0228.kim@samsung.com>
Date: Fri, 13 May 2016 20:52:48 +0900
Subject: [PATCH] Add some groups for user session daemons

Because user session daemons have same uid/gid with applications,
include them in specific gids for checking privilege.
The security-manager will drop these groups from applications.

Change-Id: I1ed91e75cb605a4c6bffa604fe992ec995ff2845
---
 units/user@.service.m4.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/units/user@.service.m4.in b/units/user@.service.m4.in
index 2ad2261..9957ee1 100644
--- a/units/user@.service.m4.in
+++ b/units/user@.service.m4.in
@@ -21,4 +21,5 @@ Delegate=yes
 TasksMax=infinity
 Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/dbus/user_bus_socket
 Capabilities=cap_mac_admin,cap_mac_override,cap_setgid=i
+SupplementaryGroups=priv_mediastorage priv_externalstorage priv_message_read priv_mapservice priv_network_get priv_internet
 SecureBits=keep-caps
-- 
2.7.4