build: Start using CapabilityBoundingSet option from systemd
This commit is contained in:
parent
0f21157287
commit
e6a99f461a
|
@ -9,6 +9,7 @@ BusName=net.connman.iwd
|
|||
ExecStart=@libexecdir@/iwd
|
||||
LimitNPROC=1
|
||||
Restart=on-failure
|
||||
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
||||
PrivateTmp=true
|
||||
NoNewPrivileges=true
|
||||
DevicePolicy=closed
|
||||
|
|
|
@ -9,6 +9,7 @@ BusName=net.connman.ead
|
|||
ExecStart=@libexecdir@/ead
|
||||
LimitNPROC=1
|
||||
Restart=on-failure
|
||||
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
||||
PrivateTmp=true
|
||||
NoNewPrivileges=true
|
||||
PrivateDevices=true
|
||||
|
|
Loading…
Reference in New Issue