storaged: lower capabilities in init Lower storaged's capabilities to DAC_READ_SEARCH as an initial step toward running it non-root. Bug: 77634061 Test: storaged still runs and its /proc/pid/status has lower CapPrms Exempt-From-Owner-Approval: stale OWNERS no longer in org Change-Id: Ibfe0349fc059e2f37efba33f587176e8ce6be9fe Merged-In: Ibfe0349fc059e2f37efba33f587176e8ce6be9fe

commit: f0a3e5bc1e3a92bf52484bae0a049dc8de439dc0 [log] [tgz]
author: David Anderson <dvander@google.com> Wed Apr 11 12:29:54 2018 -0700
committer: David Anderson <dvander@google.com> Fri Apr 13 11:27:48 2018 -0700
tree: a87e99cd7386dbefecfe0ce53b37429713a8b5d1
parent: f6233a41faa5e2d5ab04eaa0ae60913bfbebf337 [diff]
diff --git a/storaged/storaged.rc b/storaged/storaged.rc
index 1840d05..0614fad 100644
--- a/storaged/storaged.rc
+++ b/storaged/storaged.rc

@@ -1,5 +1,6 @@
 service storaged /system/bin/storaged
     class main
+    capabilities DAC_READ_SEARCH
     priority 10
     file /d/mmc0/mmc0:0001/ext_csd r
     writepid /dev/cpuset/system-background/tasks
commit	f0a3e5bc1e3a92bf52484bae0a049dc8de439dc0	[log] [tgz]
author	David Anderson <dvander@google.com>	Wed Apr 11 12:29:54 2018 -0700
committer	David Anderson <dvander@google.com>	Fri Apr 13 11:27:48 2018 -0700
tree	a87e99cd7386dbefecfe0ce53b37429713a8b5d1
parent	f6233a41faa5e2d5ab04eaa0ae60913bfbebf337 [diff]