toolbox: Make reboot a separate command from toolbox Set the CAP_SYS_BOOT filesystem capability on the new reboot command and keep CAP_SYS_BOOT in adb bounding set so that the shell user can run it. Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd

commit: c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadb [log] [tgz]
author: Benoit Goby <benoit@android.com> Fri Mar 22 16:23:48 2013 -0700
committer: Benoit Goby <benoit@android.com> Tue Mar 26 12:24:10 2013 -0700
tree: 3e2e332d9ed70377e13c91e2990c4a914d4f5f8b
parent: 82075a4044efe57ad9bad3d18982e311b4ef53ae [diff] [blame]
diff --git a/adb/adb.c b/adb/adb.c
index d2a2d27..93a9334 100644
--- a/adb/adb.c
+++ b/adb/adb.c

@@ -1195,8 +1195,9 @@
 #endif
     int i;
     for (i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
-        if ((i == CAP_SETUID) || (i == CAP_SETGID)) {
+        if (i == CAP_SETUID || i == CAP_SETGID || i == CAP_SYS_BOOT) {
             // CAP_SETUID CAP_SETGID needed by /system/bin/run-as
+            // CAP_SYS_BOOT          needed by /system/bin/reboot
             continue;
         }
         int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
commit	c6d7e200eddd620d8ac55259ab3aa5f8bfa2aadb	[log] [tgz]
author	Benoit Goby <benoit@android.com>	Fri Mar 22 16:23:48 2013 -0700
committer	Benoit Goby <benoit@android.com>	Tue Mar 26 12:24:10 2013 -0700
tree	3e2e332d9ed70377e13c91e2990c4a914d4f5f8b
parent	82075a4044efe57ad9bad3d18982e311b4ef53ae [diff] [blame]