Add kill capability to systemd service file

author sam-lunt <samuel.j.lunt@gmail.com>

Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)

committer GitHub <noreply@github.com>

Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)
author sam-lunt <samuel.j.lunt@gmail.com>
Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)
committer GitHub <noreply@github.com>
Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)
diff --git a/contrib/unbound.service.in b/contrib/unbound.service.in

index 6726f9d8cab13de04d9ea130d0ad5c1e48042c8e..334ab6d17e29b1545ef675f437bd0be8c59a6a91 100644 (file)
--- a/contrib/unbound.service.in
+++ b/contrib/unbound.service.in
@@ -13,7 +13,7 @@ ExecReload=/bin/kill -HUP $MAINPID
  ExecStart=@UNBOUND_SBIN_DIR@/unbound -d
  NotifyAccess=main
  Type=notify
-CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW CAP_KILL
  MemoryDenyWriteExecute=true
  NoNewPrivileges=true
  PrivateDevices=true
author	sam-lunt <samuel.j.lunt@gmail.com>
	Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)
committer	GitHub <noreply@github.com>
	Sat, 21 Sep 2019 19:36:12 +0000 (14:36 -0500)