From 50f130c286c4a4cb87a94a0fc419a4462a98a7a1 Mon Sep 17 00:00:00 2001
From: Ronny Chevalier <chevalier.ronny@gmail.com>
Date: Sun, 28 Feb 2016 15:00:18 +0100
Subject: test-execute: add nfsnobody alternative as a nobody user

---
 test/test-execute/exec-capabilityambientset-nfsnobody.service | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 test/test-execute/exec-capabilityambientset-nfsnobody.service

(limited to 'test/test-execute/exec-capabilityambientset-nfsnobody.service')

diff --git a/test/test-execute/exec-capabilityambientset-nfsnobody.service b/test/test-execute/exec-capabilityambientset-nfsnobody.service
new file mode 100644
index 0000000000..614cfdd584
--- /dev/null
+++ b/test/test-execute/exec-capabilityambientset-nfsnobody.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Test for AmbientCapabilities
+
+[Service]
+ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb:	0000000000003000"'
+Type=oneshot
+User=nfsnobody
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW
-- 
cgit v1.2.3-54-g00ecf