diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-05-15 18:55:19 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-05-15 18:55:19 +0200 |
commit | e3ad07d21c3592525ee2f4760ea114bbaa9752a9 (patch) | |
tree | 50ff74b6eec60e71c46923c75e44b1074a080d87 | |
parent | 679be2a74241a70028438217bace423a1a45faa6 (diff) |
timesyncd: limit capabilities to CAP_SYS_TIME
-rw-r--r-- | units/systemd-timesyncd.service.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in index 21015c64b1..e279d1bc29 100644 --- a/units/systemd-timesyncd.service.in +++ b/units/systemd-timesyncd.service.in @@ -16,6 +16,7 @@ Type=notify Restart=always RestartSec=0 ExecStart=@rootlibexecdir@/systemd-timesyncd +CapabilityBoundingSet=CAP_SYS_TIME [Install] WantedBy=multi-user.target |