commit ad43cc647162e06a957e70dcbdbc33ac5dd3b509
author Jorge Lucangeli Obes <jorgelo@chromium.org> Wed Apr 11 16:25:43 2012 -0700
committer Gerrit <chrome-bot@google.com> Thu May 17 13:03:21 2012 -0700
tree 999e053884111091b7e618a2ae6d14aea11d9a41
parent f80ef06356f02be2bb0995168255dc8de9ff0d04

Launch dhcpcd using Minijail.

dhcpcd runs as root and listens on the network. Launch it using Minijail
so that we can run it as a regular user, mitigating the risk of an eventual
compromise.

Add a mock Minijail wrapper for unittesting.

BUG=chromium-os:28336
TEST=dhcp_config_unittest
TEST=network_netperf2
TEST=Manual connection to ethernet, GoogleGuest, Google-A.
CQ-DEPEND=I243e02c82f70c6a3469ca712e539ec9fb6e3e4d4

Change-Id: I14c4e843eba478ed39b10fa4fcb0e25eb3186c1a
Reviewed-on: https://gerrit.chromium.org/gerrit/20414
Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>

dhcp_config.h

diff --git a/dhcp_config.h b/dhcp_config.h
index e66ee98..c850a9f 100644
--- a/dhcp_config.h
+++ b/dhcp_config.h
@@ -14,6 +14,7 @@
 #include <gtest/gtest_prod.h>  // for FRIEND_TEST
 
 #include "shill/ipconfig.h"
+#include "shill/minijail.h"
 
 namespace shill {
 
@@ -106,6 +107,7 @@
   static const char kDHCPCDPathFormatLease[];
   static const char kDHCPCDPathFormatPID[];
   static const int kDHCPTimeoutSeconds;
+  static const char kDHCPCDUser[];
 
   static const char kReasonBound[];
   static const char kReasonFail[];
@@ -192,6 +194,8 @@
   EventDispatcher *dispatcher_;
   GLib *glib_;
 
+  Minijail *minijail_;
+
   DISALLOW_COPY_AND_ASSIGN(DHCPConfig);
 };