Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 14:39:39 +01:00
Code Releases Activity

build: Start using CapabilityBoundingSet option from systemd

Browse Source
This commit is contained in:
Marcel Holtmann 2019-09-08 20:26:49 +02:00
parent 0f21157287
commit e6a99f461a
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/iwd.service.in
View File

@ -9,6 +9,7 @@ BusName=net.connman.iwd
ExecStart=@libexecdir@/iwd ExecStart=@libexecdir@/iwd
LimitNPROC=1 LimitNPROC=1
Restart=on-failure Restart=on-failure
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
PrivateTmp=true PrivateTmp=true
NoNewPrivileges=true NoNewPrivileges=true
DevicePolicy=closed DevicePolicy=closed

1
wired/ead.service.in
View File

@ -9,6 +9,7 @@ BusName=net.connman.ead
ExecStart=@libexecdir@/ead ExecStart=@libexecdir@/ead
LimitNPROC=1 LimitNPROC=1
Restart=on-failure Restart=on-failure
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
PrivateTmp=true PrivateTmp=true
NoNewPrivileges=true NoNewPrivileges=true
PrivateDevices=true PrivateDevices=true