[systemd-devel] [PATCH] Add CAP_MAC_OVERRIDE in logind and hostnamed units

Maciej Wereski m.wereski at partner.samsung.com
Fri Mar 7 03:11:32 PST 2014


---
 units/systemd-hostnamed.service.in |    2 +-
 units/systemd-logind.service.in    |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 3f5ef75..ac7d9b6 100644
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -13,5 +13,5 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed
 [Service]
 ExecStart=@rootlibexecdir@/systemd-hostnamed
 BusName=org.freedesktop.hostname1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_MAC_OVERRIDE CAP_SYS_PTRACE
 WatchdogSec=1min
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index c6cbd1c..125f201 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -23,7 +23,7 @@ ExecStart=@rootlibexecdir@/systemd-logind
 Restart=always
 RestartSec=0
 BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_MAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
 WatchdogSec=1min
 
 # Increase the default a bit in order to allow many simultaneous
-- 
1.7.9.5



More information about the systemd-devel mailing list