summaryrefslogtreecommitdiff
path: root/units/systemd-machined.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'units/systemd-machined.service.in')
-rw-r--r--units/systemd-machined.service.in2
1 files changed, 1 insertions, 1 deletions
diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
index 5a890b5b7a..bbb13de315 100644
--- a/units/systemd-machined.service.in
+++ b/units/systemd-machined.service.in
@@ -15,7 +15,7 @@ After=machine.slice
[Service]
ExecStart=@rootlibexecdir@/systemd-machined
BusName=org.freedesktop.machine1
-CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID
+CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT
WatchdogSec=1min
PrivateTmp=yes
PrivateDevices=yes