android: Change user to bluetooth when starting daemon

author: Szymon Janc <szymon.janc@tieto.com> 2014-01-17 16:30:45 +0100
committer: Szymon Janc <szymon.janc@gmail.com> 2014-01-17 20:41:45 +0100
commit: 4ae70ba552e775f3a75f623e09674fd6b040f761 (patch)
tree: d408f8627f041f3b4747a1d83cc54aa8b154cc4b /android/main.c
parent: 6fdab888da0ed86495ca00e7b07d28ea0a28a894 (diff)
download: bluez-4ae70ba552e775f3a75f623e09674fd6b040f761.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/android/main.c b/android/main.c
index 6324f315f..8983a8434 100644
--- a/android/main.c
+++ b/android/main.c
@@ -38,6 +38,7 @@
 #include <sys/signalfd.h>
 #if defined(ANDROID)
 #include <sys/capability.h>
+#include <linux/prctl.h>
 #endif
 
 #include <glib.h>
@@ -350,6 +351,18 @@ static bool set_capabilities(void)
 		CAP_TO_MASK(CAP_NET_BIND_SERVICE);
 	cap.inheritable = 0;
 
+	/* don't clear capabilities when dropping root */
+	if (prctl(PR_SET_KEEPCAPS, 1) < 0) {
+		error("%s: prctl(): %s", __func__,strerror(errno));
+		return false;
+	}
+
+	/* Android bluetooth user UID=1002 */
+	if (setuid(1002) < 0) {
+		error("%s: setuid(): %s", __func__, strerror(errno));
+		return false;
+	}
+
 	/* TODO: Move to cap_set_proc once bionic support it */
 	if (capset(&header, &cap) < 0) {
 		error("%s: capset(): %s", __func__, strerror(errno));
author	Szymon Janc <szymon.janc@tieto.com>	2014-01-17 16:30:45 +0100
committer	Szymon Janc <szymon.janc@gmail.com>	2014-01-17 20:41:45 +0100
commit	4ae70ba552e775f3a75f623e09674fd6b040f761 (patch)
tree	d408f8627f041f3b4747a1d83cc54aa8b154cc4b /android/main.c
parent	6fdab888da0ed86495ca00e7b07d28ea0a28a894 (diff)
download	bluez-4ae70ba552e775f3a75f623e09674fd6b040f761.tar.gz