diff options
| author | Lennart Poettering <lennart@poettering.net> | 2011-04-20 03:34:58 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2011-04-20 03:34:58 +0200 |
| commit | 9534ce54858c67363b841cdbdc315140437bfdb4 (patch) | |
| tree | 587fdca5c1c2e07d7ece458d3597d0abe3d3eef8 /units | |
| parent | ec8b1194344627d922fb62bfba17edf17c8646d7 (diff) | |
units: set capability bounding set for syslog services
Diffstat (limited to 'units')
| -rw-r--r-- | units/systemd-kmsg-syslogd.service.in | 1 | ||||
| -rw-r--r-- | units/systemd-logger.service.in | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/units/systemd-kmsg-syslogd.service.in b/units/systemd-kmsg-syslogd.service.in index aea7583734..b20889e5e5 100644 --- a/units/systemd-kmsg-syslogd.service.in +++ b/units/systemd-kmsg-syslogd.service.in @@ -16,3 +16,4 @@ ExecStart=@rootlibexecdir@/systemd-kmsg-syslogd NotifyAccess=all StandardOutput=null Sockets=syslog.socket +CapabilityBoundingSet=CAP_DAC_OVERRIDE diff --git a/units/systemd-logger.service.in b/units/systemd-logger.service.in index 484df7a238..5f7fe40939 100644 --- a/units/systemd-logger.service.in +++ b/units/systemd-logger.service.in @@ -17,3 +17,4 @@ After=syslog.socket ExecStart=@rootlibexecdir@/systemd-logger NotifyAccess=all StandardOutput=null +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SETUID CAP_SETGID |