[systemd-devel] [PATCH] Add CAP_MAC_OVERRIDE in logind and hostnamed units
Maciej Wereski
m.wereski at partner.samsung.com
Fri Mar 7 03:11:32 PST 2014
---
units/systemd-hostnamed.service.in | 2 +-
units/systemd-logind.service.in | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 3f5ef75..ac7d9b6 100644
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -13,5 +13,5 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed
[Service]
ExecStart=@rootlibexecdir@/systemd-hostnamed
BusName=org.freedesktop.hostname1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_MAC_OVERRIDE CAP_SYS_PTRACE
WatchdogSec=1min
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index c6cbd1c..125f201 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -23,7 +23,7 @@ ExecStart=@rootlibexecdir@/systemd-logind
Restart=always
RestartSec=0
BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_MAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
WatchdogSec=1min
# Increase the default a bit in order to allow many simultaneous
--
1.7.9.5
More information about the systemd-devel
mailing list