systemd: require CAP_AUDIT_WRITE for NetworkManager servicebg/audit-bgo749364

We need it to write messages to kernel auditing log.
author: Beniamino Galvani <bgalvani@redhat.com> 2015-07-24 17:08:30 +0200
committer: Beniamino Galvani <bgalvani@redhat.com> 2015-07-24 17:08:30 +0200
commit: 6be44f32e4a05cd78eb1412d1db8476385ef53c6 (patch)
tree: 769628210137cffa0e2d882782d0fcf7af25505e
parent: 81b416bf428c15bed5d158eb42df4f014a05b23b (diff)
download: NetworkManager-bg/audit-bgo749364.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index 42b43e381b..fbaf77d855 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -11,7 +11,7 @@ ExecStart=@sbindir@/NetworkManager --no-daemon
 Restart=on-failure
 # NM doesn't want systemd to kill its children for it
 KillMode=process
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE
 ProtectSystem=true
 ProtectHome=read-only
author	Beniamino Galvani <bgalvani@redhat.com>	2015-07-24 17:08:30 +0200
committer	Beniamino Galvani <bgalvani@redhat.com>	2015-07-24 17:08:30 +0200
commit	6be44f32e4a05cd78eb1412d1db8476385ef53c6 (patch)
tree	769628210137cffa0e2d882782d0fcf7af25505e
parent	81b416bf428c15bed5d158eb42df4f014a05b23b (diff)
download	NetworkManager-bg/audit-bgo749364.tar.gz