From d282509a9d3447d22537d8384a435fe2aeb56030 Mon Sep 17 00:00:00 2001
From: Mika Liljeberg <mika.liljeberg@nokia.com>
Date: Mon, 1 Nov 2010 17:53:02 +0200
Subject: main: add capabilities for phonet

Phonet sockets require CAP_SYS_ADMIN and SO_BINDTODEVICE socket
option requires CAP_NET_RAW.
---
 src/main.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/main.c b/src/main.c
index 93149bcf..eca008ed 100644
--- a/src/main.c
+++ b/src/main.c
@@ -140,7 +140,8 @@ int main(int argc, char **argv)
 	/* Drop capabilities */
 	capng_clear(CAPNG_SELECT_BOTH);
 	capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED,
-				CAP_NET_BIND_SERVICE, CAP_NET_ADMIN, -1);
+				CAP_NET_BIND_SERVICE, CAP_NET_ADMIN,
+				CAP_NET_RAW, CAP_SYS_ADMIN, -1);
 	capng_apply(CAPNG_SELECT_BOTH);
 #endif
 
-- 
cgit v1.2.3