init.rc: add inet permission to VPN daemons explicitly.
Racoon still needs it after dropping root privilege, or pure IPSec VPN will fail. Mtpd works without it because net_raw implies inet. However it would be better to set all of them clearly without the assumption. Change-Id: I50762af2c25ec9cc559e528c7b14f469494fd553
This commit is contained in:
Chia-chi Yeh
parent
0842f08b91
commit
a24687197d
|
|
@ -487,7 +487,7 @@ service racoon /system/bin/racoon
|
|||
class main
|
||||
socket racoon stream 600 system system
|
||||
# IKE uses UDP port 500. Racoon will setuid to vpn after binding the port.
|
||||
group vpn net_admin
|
||||
group vpn net_admin inet
|
||||
disabled
|
||||
oneshot
|
||||
|
||||
|
|
@ -495,7 +495,7 @@ service mtpd /system/bin/mtpd
|
|||
class main
|
||||
socket mtpd stream 600 system system
|
||||
user vpn
|
||||
group vpn net_admin net_raw
|
||||
group vpn net_admin inet net_raw
|
||||
disabled
|
||||
oneshot
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue