]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7d7c8ea)
logind: drop CAP_KILL from caps bounding set
authorLennart Poettering <lennart@poettering.net>
Mon, 12 Nov 2018 16:57:45 +0000 (17:57 +0100)
committerLennart Poettering <lennart@poettering.net>
Mon, 12 Nov 2018 18:05:36 +0000 (19:05 +0100)
logind doesn't kill any processes anymore, hence let's drop the
capability.

units/systemd-logind.service.in patch | blob | blame | history

diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index 38a7f269aca173af5f5c66ceaaaea009a2b2d766..ff1fd96765a732028b1f6799fc907c60b40498d4 100644 (file)
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -21,7 +21,7 @@ After=dbus.socket
 
 [Service]
 BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
 ExecStart=@rootlibexecdir@/systemd-logind
 FileDescriptorStoreMax=512
 IPAddressDeny=any
Unnamed repository; edit this file 'description' to name the repository.