summaryrefslogtreecommitdiff
path: root/test/test-execute/exec-ambientcapabilities-nobody.service
diff options
context:
space:
mode:
authorYu Watanabe <watanabe.yu+github@gmail.com>2018-03-05 00:02:22 +0900
committerYu Watanabe <watanabe.yu+github@gmail.com>2018-03-05 00:02:22 +0900
commite5ba1d324d3bda239907cd704a2f9646e777b820 (patch)
tree93d51690daee4d311b805343757578301e348f6b /test/test-execute/exec-ambientcapabilities-nobody.service
parentb7856f9218e23fde0932072786b640fdef37582f (diff)
downloadsystemd-e5ba1d324d3bda239907cd704a2f9646e777b820.tar.gz
test-execute: use CAP_CHOWN instead of CAP_NET_ADMIN
CAP_NET_ADMIN is somtrimes dropped by container runtime. This changes to use CAP_CHOWN instead of CAP_NET_ADMIN, as it is less likely to be dropped.
Diffstat (limited to 'test/test-execute/exec-ambientcapabilities-nobody.service')
-rw-r--r--test/test-execute/exec-ambientcapabilities-nobody.service4
1 files changed, 2 insertions, 2 deletions
diff --git a/test/test-execute/exec-ambientcapabilities-nobody.service b/test/test-execute/exec-ambientcapabilities-nobody.service
index d63f884ef8..07a6c7511d 100644
--- a/test/test-execute/exec-ambientcapabilities-nobody.service
+++ b/test/test-execute/exec-ambientcapabilities-nobody.service
@@ -2,7 +2,7 @@
Description=Test for AmbientCapabilities
[Service]
-ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000003000"'
+ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"'
Type=oneshot
User=nobody
-AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW
+AmbientCapabilities=CAP_CHOWN CAP_NET_RAW
View Lorry Controller Status