From 5d2df4af01380736a240b652472f217f9766aebb Mon Sep 17 00:00:00 2001
From: Karol Lewandowski <k.lewandowsk@samsung.com>
Date: Tue, 17 Apr 2018 10:33:07 +0200
Subject: [PATCH] service: Move common options to sdbd.service

 - Security options
 - Ensure tmp is mounted for PIDFile=/tmp/... to work

Change-Id: I40deac3492674ae70d249292d7ae3af95aad72f0
---
 packaging/sdbd.service | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/packaging/sdbd.service b/packaging/sdbd.service
index eb49efe..3ec4efc 100644
--- a/packaging/sdbd.service
+++ b/packaging/sdbd.service
@@ -1,10 +1,16 @@
 [Unit]
 Description=sdbd
+After=tmp.mount
 
 [Service]
+User=sdk
+Group=sdk
+SmackProcessLabel=System
 #If necessary, Put Environment variable settings in a file like below
 #ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf"
 Type=simple
+Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i
+SecureBits=keep-caps
 PIDFile=/tmp/.sdbd.pid
 RemainAfterExit=yes
 ExecStart=/usr/sbin/sdbd
-- 
2.7.4