From b440e50b6f4af0f7c3c5bc01d975d48f93ae3741 Mon Sep 17 00:00:00 2001
From: Steve Fung <stevefung@google.com>
Date: Fri, 21 Aug 2015 02:12:34 -0700
Subject: [PATCH] crash_reporter: Run with supplemental groups

In order to use metrics_lib, crash_reporter needs to be run with
system group permissions.  To use dbus, it needs dbus group
permissions.

Bug: 23406290
Change-Id: Ic679a057afa46aaadd59429aab0aea072c1973c5
---
 crash_reporter/user_collector.cc | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/crash_reporter/user_collector.cc b/crash_reporter/user_collector.cc
index ee2464865..61ccc37bd 100644
--- a/crash_reporter/user_collector.cc
+++ b/crash_reporter/user_collector.cc
@@ -24,6 +24,7 @@
 #include <stdint.h>
 #include <sys/cdefs.h>  // For __WORDSIZE
 #include <sys/types.h>  // For getpwuid_r, getgrnam_r, WEXITSTATUS.
+#include <unistd.h>  // For setgroups
 
 #include <string>
 #include <vector>
@@ -37,6 +38,7 @@
 #include <chromeos/process.h>
 #include <chromeos/syslog_logging.h>
 #include <cutils/properties.h>
+#include <private/android_filesystem_config.h>
 
 static const char kCollectionErrorSignature[] =
     "crash_reporter-user-collection";
@@ -77,6 +79,11 @@ void UserCollector::Initialize(
   core2md_failure_ = core2md_failure;
   directory_failure_ = directory_failure;
   filter_in_ = filter_in;
+
+  gid_t groups[] = { AID_SYSTEM, AID_DBUS };
+  if (setgroups(arraysize(groups), groups) != 0) {
+    PLOG(FATAL) << "Unable to set groups to system and dbus";
+  }
 }
 
 UserCollector::~UserCollector() {