diff options
author | Beniamino Galvani <bgalvani@redhat.com> | 2015-07-24 17:08:30 +0200 |
---|---|---|
committer | Beniamino Galvani <bgalvani@redhat.com> | 2015-08-04 09:32:12 +0200 |
commit | 28c231d68667483a562c2ffe0d490c86d22f9528 (patch) | |
tree | ffe32e4ca9d58174ba3a6da8b62aea4c2289d583 /data | |
parent | 532ed38a3c98722362c35dab66426b63e700e874 (diff) | |
download | NetworkManager-28c231d68667483a562c2ffe0d490c86d22f9528.tar.gz |
systemd: require CAP_AUDIT_WRITE for NetworkManager service
We need it to write messages to kernel auditing log.
Diffstat (limited to 'data')
-rw-r--r-- | data/NetworkManager.service.in | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in index 42b43e381b..fbaf77d855 100644 --- a/data/NetworkManager.service.in +++ b/data/NetworkManager.service.in @@ -11,7 +11,7 @@ ExecStart=@sbindir@/NetworkManager --no-daemon Restart=on-failure # NM doesn't want systemd to kill its children for it KillMode=process -CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE +CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE ProtectSystem=true ProtectHome=read-only |