diff options
author | Szymon Janc <szymon.janc@tieto.com> | 2014-01-17 16:30:45 +0100 |
---|---|---|
committer | Szymon Janc <szymon.janc@gmail.com> | 2014-01-17 20:41:45 +0100 |
commit | 4ae70ba552e775f3a75f623e09674fd6b040f761 (patch) | |
tree | d408f8627f041f3b4747a1d83cc54aa8b154cc4b /android/main.c | |
parent | 6fdab888da0ed86495ca00e7b07d28ea0a28a894 (diff) | |
download | bluez-4ae70ba552e775f3a75f623e09674fd6b040f761.tar.gz |
android: Change user to bluetooth when starting daemon
Diffstat (limited to 'android/main.c')
-rw-r--r-- | android/main.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/android/main.c b/android/main.c index 6324f315f..8983a8434 100644 --- a/android/main.c +++ b/android/main.c @@ -38,6 +38,7 @@ #include <sys/signalfd.h> #if defined(ANDROID) #include <sys/capability.h> +#include <linux/prctl.h> #endif #include <glib.h> @@ -350,6 +351,18 @@ static bool set_capabilities(void) CAP_TO_MASK(CAP_NET_BIND_SERVICE); cap.inheritable = 0; + /* don't clear capabilities when dropping root */ + if (prctl(PR_SET_KEEPCAPS, 1) < 0) { + error("%s: prctl(): %s", __func__,strerror(errno)); + return false; + } + + /* Android bluetooth user UID=1002 */ + if (setuid(1002) < 0) { + error("%s: setuid(): %s", __func__, strerror(errno)); + return false; + } + /* TODO: Move to cap_set_proc once bionic support it */ if (capset(&header, &cap) < 0) { error("%s: capset(): %s", __func__, strerror(errno)); |