Merge "init: Put init in group AID_READPROC"

am: 995560919c Change-Id: Id2271f8200b020fe5ccaa82e3ea4b68368a6adf1
2016-10-31 19:21:49 +00:00 · 2016-10-31 19:21:49 +00:00 · ba2a810deb
commit ba2a810deb
parent fc60c4694c 995560919c
2 changed files with 4 additions and 4 deletions
--- a/init/init.cpp
+++ b/init/init.cpp
@ -585,6 +585,8 @@ int main(int argc, char** argv) {
        mount("devpts", "/dev/pts", "devpts", 0, NULL);
        #define MAKE_STR(x) __STRING(x)
        mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
+        gid_t groups[] = { AID_READPROC };
+        setgroups(arraysize(groups), groups);
        mount("sysfs", "/sys", "sysfs", 0, NULL);
        mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
        mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
--- a/init/service.cpp
+++ b/init/service.cpp
@ -233,10 +233,8 @@ void Service::SetProcessAttributes() {
            PLOG(FATAL) << "setgid failed for " << name_;
        }
    }
-    if (!supp_gids_.empty()) {
-        if (setgroups(supp_gids_.size(), &supp_gids_[0]) != 0) {
-            PLOG(FATAL) << "setgroups failed for " << name_;
-        }
+    if (setgroups(supp_gids_.size(), &supp_gids_[0]) != 0) {
+        PLOG(FATAL) << "setgroups failed for " << name_;
    }
    if (uid_) {
        if (setuid(uid_) != 0) {