chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
units: add SecureBits
[elogind.git] / units / systemd-networkd.service.in
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index 5a91b8e499bb8a09d6aa7de1949781f11fd8379a..057cc8cc46345cfb4e83d24a20db8b8a31131eac 100644 (file)
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -23,6 +23,7 @@ Restart=on-failure
 RestartSec=0
 ExecStart=@rootlibexecdir@/systemd-networkd
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER
+SecureBits=noroot noroot-locked
 ProtectSystem=full
 ProtectHome=yes
 WatchdogSec=1min
Unnamed repository; edit this file 'description' to name the repository.