From 8fd090587bddcca6608a4053eb71a6e70eab45fb Mon Sep 17 00:00:00 2001
From: Łukasz Stelmach
Date: Tue, 28 Jun 2022 15:31:24 +0200
Subject: [PATCH] tizen: Set AmbientCapabilities in user@.service
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Replace[*] the obsolete Capabilities option in user@.service with
AmbientCapabilities to provide an appropriate set of capabilities for
systemd to manage the user session.

According to the capability set transformation rules described in
capabilities(7), if a process with nonzero user IDs performs an execve(2)
then any capabilities that are present in its permitted and effective
sets will be cleared. This means that for systemd running with a nonzero
UID (i.e. as the user session manager) to keep its permitted and
effective capability sets non-empty without setting file capabilities
for systemd, it is required to use ambient capabilities.

Using file capabilities for systemd may be a wrong choice in the long
term, because different sets of capabilities may be assigned to
different user sessions.

[*] During the update to v255 previous commits changing the value of the
Capabilities option were dropped.

Change-Id: I479fbbcf153737dbf88340ef4eb4be15d707a9a4
Signed-off-by: Łukasz Stelmach
---
 units/user@.service.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/units/user@.service.in b/units/user@.service.in
index 5682176..40f8280 100644
--- a/units/user@.service.in
+++ b/units/user@.service.in
@@ -27,6 +27,7 @@ Delegate=pids memory cpu
 DelegateSubgroup=init.scope
 TasksMax=infinity
 TimeoutStopSec={{ DEFAULT_USER_TIMEOUT_SEC*4//3 }}s
+AmbientCapabilities=cap_sys_admin cap_sys_nice cap_mac_admin cap_dac_override cap_setgid cap_sys_chroot
 KeyringMode=inherit
 OOMScoreAdjust=100
 MemoryPressureWatch=skip
-- 
2.7.4
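Review bot: the set granted on the added AmbientCapabilities= line is held not only by systemd --user but by every process the session starts, and it is close to full root. The commit message itself relies on the property that makes this so: ambient capabilities survive execve(2) for a non-root process, so each program the session manager spawns inherits cap_sys_admin, cap_dac_override, cap_mac_admin, cap_setgid and cap_sys_chroot unless it execs a setuid or file-capability binary, and cap_dac_override alone lets any such process read and write files regardless of ownership. The message also argues that different sessions may need different capability sets, yet this hunk hardcodes a single set into the shared template that every user@<UID>.service instance uses. Suggest either narrowing the list to what the session manager actually needs with a one-line justification per capability in the commit message (cap_sys_admin and cap_mac_admin in particular deserve one), or moving the grant into a per-instance drop-in (user@<UID>.service.d/) for the sessions that really require it, so that ordinary user sessions keep the empty ambient set they have today.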