networkd: add CapabilityBoundingSet

author Tom Gundersen <teg@jklm.no>

Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)

committer Tom Gundersen <teg@jklm.no>

Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)
author Tom Gundersen <teg@jklm.no>
Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)
committer Tom Gundersen <teg@jklm.no>
Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in

index ca40691..5eb398a 100644 (file)
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -19,6 +19,7 @@ Type=notify
  Restart=always
  RestartSec=0
  ExecStart=@rootlibexecdir@/systemd-networkd
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_PTRACE
  WatchdogSec=1min
  
  [Install]
author	Tom Gundersen <teg@jklm.no>
	Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)
committer	Tom Gundersen <teg@jklm.no>
	Mon, 24 Mar 2014 16:13:24 +0000 (17:13 +0100)