[systemd-commits] units/systemd-timesyncd.service.in
Lennart Poettering
lennart at kemper.freedesktop.org
Thu May 15 09:55:47 PDT 2014
units/systemd-timesyncd.service.in | 1 +
1 file changed, 1 insertion(+)
New commits:
commit e3ad07d21c3592525ee2f4760ea114bbaa9752a9
Author: Lennart Poettering <lennart at poettering.net>
Date: Thu May 15 18:55:19 2014 +0200
timesyncd: limit capabilities to CAP_SYS_TIME
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in
index 21015c6..e279d1b 100644
--- a/units/systemd-timesyncd.service.in
+++ b/units/systemd-timesyncd.service.in
@@ -16,6 +16,7 @@ Type=notify
Restart=always
RestartSec=0
ExecStart=@rootlibexecdir@/systemd-timesyncd
+CapabilityBoundingSet=CAP_SYS_TIME
[Install]
WantedBy=multi-user.target
More information about the systemd-commits
mailing list