From e54ca5fa0ef7b4d8b07823faaeb50f3632f27534 Mon Sep 17 00:00:00 2001
From: David Anderson <dvander@google.com>
Date: Wed, 11 Apr 2018 12:29:54 -0700
Subject: [PATCH] storaged: lower capabilities in init

Lower storaged's capabilities to DAC_READ_SEARCH as an initial step
toward running it non-root.

Bug: 77634061
Test: storaged still runs and its /proc/pid/status has lower CapPrms
Change-Id: Ibfe0349fc059e2f37efba33f587176e8ce6be9fe
---
 storaged/storaged.rc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/storaged/storaged.rc b/storaged/storaged.rc
index a24c7fba8..ed2cf145a 100644
--- a/storaged/storaged.rc
+++ b/storaged/storaged.rc
@@ -1,5 +1,6 @@
 service storaged /system/bin/storaged
     class main
+    capabilities DAC_READ_SEARCH
     priority 10
     file /d/mmc0/mmc0:0001/ext_csd r
     writepid /dev/cpuset/system-background/tasks