chiark / gitweb /
journal: add CAP_SETUID and CAP_SETGID to capabilities for journald, so that we can...
authorLennart Poettering <lennart@poettering.net>
Fri, 10 Feb 2012 14:45:26 +0000 (15:45 +0100)
committerLennart Poettering <lennart@poettering.net>
Fri, 10 Feb 2012 14:46:24 +0000 (15:46 +0100)
units/systemd-journald.service.in

index c153d47..92606b0 100644 (file)
@@ -18,7 +18,7 @@ After=syslog.socket
 ExecStart=@rootlibexecdir@/systemd-journald
 NotifyAccess=all
 StandardOutput=null
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID
 
 # Increase the default a bit in order to allow many simultaneous
 # services being run since we keep one fd open per service.