toolbox: Make reboot a separate command from toolbox Set the CAP_SYS_BOOT filesystem capability on the new reboot command and keep CAP_SYS_BOOT in adb bounding set so that the shell user can run it. Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd

commit: c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadb [log] [tgz]
author: Benoit Goby <benoit@android.com> Fri Mar 22 16:23:48 2013 -0700
committer: Benoit Goby <benoit@android.com> Tue Mar 26 12:24:10 2013 -0700
tree: 3e2e332d9ed70377e13c91e2990c4a914d4f5f8b
parent: 82075a4044efe57ad9bad3d18982e311b4ef53ae [diff] [blame]
diff --git a/include/private/android_filesystem_config.h b/include/private/android_filesystem_config.h
index 540318f..850e0bd 100644
--- a/include/private/android_filesystem_config.h
+++ b/include/private/android_filesystem_config.h

@@ -228,8 +228,9 @@
     { 06755, AID_ROOT,      AID_ROOT,      0, "system/xbin/tcpdump" },
     { 04770, AID_ROOT,      AID_RADIO,     0, "system/bin/pppd-ril" },
 
-    /* the following file has enhanced capabilities and IS included in user builds. */
+    /* the following files have enhanced capabilities and ARE included in user builds. */
     { 00750, AID_ROOT,      AID_SHELL,     (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" },
+    { 00750, AID_ROOT,      AID_SHELL,     1 << CAP_SYS_BOOT, "system/bin/reboot" },
 
     { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/*" },
     { 00755, AID_ROOT,      AID_ROOT,      0, "system/lib/valgrind/*" },
commit	c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadb	[log] [tgz]
author	Benoit Goby <benoit@android.com>	Fri Mar 22 16:23:48 2013 -0700
committer	Benoit Goby <benoit@android.com>	Tue Mar 26 12:24:10 2013 -0700
tree	3e2e332d9ed70377e13c91e2990c4a914d4f5f8b
parent	82075a4044efe57ad9bad3d18982e311b4ef53ae [diff] [blame]