kerberos: Add kerberosd-exec user to kerberosd group
The Kerberos daemon runs untrusted code as kerberosd-exec user. This
user needs to access files in the daemon store folder, which is owned
by kerberosd:kerberosd. Thus, it needs to be in the kerberosd group.
BUG=chromium:973391
TEST=None
Cq-Depend: chromium:1695556
Change-Id: I0c138537fde0f4b7753b299f817f283d482feea7
Reviewed-on: https://chromium-review.googlesource.com/1687869
Tested-by: Lutz Justen <ljusten@chromium.org>
Commit-Ready: Lutz Justen <ljusten@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org>
Reviewed-by: Lutz Justen <ljusten@chromium.org>
diff --git a/profiles/base/accounts/group/kerberosd b/profiles/base/accounts/group/kerberosd
index 8f2a22f..04c75e9 100644
--- a/profiles/base/accounts/group/kerberosd
+++ b/profiles/base/accounts/group/kerberosd
@@ -1,3 +1,3 @@
group:kerberosd
gid:20131
-users:kerberosd
+users:kerberosd,kerberosd-exec
