connman.service: Add CAP_SYS_MODULE to enable module loading

If iptables functionality is built as modules and the modules are not yet loaded, add CAP_SYS_MODULE capability to allow ConnMan to load any modules necessary when tethering. Reported by Brian H. Anderson
author: Patrik Flykt <patrik.flykt@linux.intel.com> 2016-03-08 12:11:54 +0200
committer: Patrik Flykt <patrik.flykt@linux.intel.com> 2016-03-08 15:59:22 +0200
commit: 9e96310aeef8aefc8de1b41ade21ad0cc1e17788 (patch)
tree: eb6b6c5700d3cdc4402d3293946ccc75ffc5c69a
parent: 6f7ff26e795d66842a63df9ee686ba20fcaebe5f (diff)
download: connman-9e96310aeef8aefc8de1b41ade21ad0cc1e17788.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/connman.service.in b/src/connman.service.in
index 09dfec98..57eaaf96 100644
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -13,7 +13,7 @@ BusName=net.connman
 Restart=on-failure
 ExecStart=@sbindir@/connmand -n
 StandardOutput=null
-CapabilityBoundingSet=CAP_KILL CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SYS_TIME
+CapabilityBoundingSet=CAP_KILL CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SYS_TIME CAP_SYS_MODULE
 ProtectHome=true
 ProtectSystem=full
author	Patrik Flykt <patrik.flykt@linux.intel.com>	2016-03-08 12:11:54 +0200
committer	Patrik Flykt <patrik.flykt@linux.intel.com>	2016-03-08 15:59:22 +0200
commit	9e96310aeef8aefc8de1b41ade21ad0cc1e17788 (patch)
tree	eb6b6c5700d3cdc4402d3293946ccc75ffc5c69a
parent	6f7ff26e795d66842a63df9ee686ba20fcaebe5f (diff)
download	connman-9e96310aeef8aefc8de1b41ade21ad0cc1e17788.tar.gz