diff options
author | Lennart Poettering <lennart@poettering.net> | 2018-11-12 17:57:45 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2018-11-12 19:05:36 +0100 |
commit | 1bded6b28fe13a06eba4882890dd0ffc7739e201 (patch) | |
tree | 7043b0f96fcce9bb0486497570478f8c04473e1b /units | |
parent | Merge pull request #10741 from poettering/signal-check (diff) | |
download | systemd-1bded6b28fe13a06eba4882890dd0ffc7739e201.tar.gz systemd-1bded6b28fe13a06eba4882890dd0ffc7739e201.tar.bz2 systemd-1bded6b28fe13a06eba4882890dd0ffc7739e201.zip |
logind: drop CAP_KILL from caps bounding set
logind doesn't kill any processes anymore, hence let's drop the
capability.
Diffstat (limited to 'units')
-rw-r--r-- | units/systemd-logind.service.in | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in index 38a7f269a..ff1fd9676 100644 --- a/units/systemd-logind.service.in +++ b/units/systemd-logind.service.in @@ -21,7 +21,7 @@ After=dbus.socket [Service] BusName=org.freedesktop.login1 -CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG ExecStart=@rootlibexecdir@/systemd-logind FileDescriptorStoreMax=512 IPAddressDeny=any |