units: remove CAP_SYS_PTRACE capability from hostnamed/networkd

[elogind.git] / units / systemd-hostnamed.service.in

diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 44812592e22c036fabfd0f5c9dfa87a724bdc36a..79e22c1d4fd832b2d875ee68e5723928fc1348fd 100644 (file)
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -13,7 +13,7 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed
 [Service]
 ExecStart=@rootlibexecdir@/systemd-hostnamed
 BusName=org.freedesktop.hostname1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE
+CapabilityBoundingSet=CAP_SYS_ADMIN
 WatchdogSec=1min
 PrivateTmp=yes
 PrivateDevices=yes