]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ebc6f34)
units: set ConditionVirtualization=!private-users on journald audit socket (#6508)
authorDimitri John Ledkov <xnox@ubuntu.com>
Wed, 2 Aug 2017 08:15:26 +0000 (09:15 +0100)
committerMartin Pitt <martinpitt@users.noreply.github.com>
Wed, 2 Aug 2017 08:15:26 +0000 (10:15 +0200)
It fails to start in an unprivileged container as audit is not namespace aware.

units/systemd-journald-audit.socket patch | blob | blame | history

diff --git a/units/systemd-journald-audit.socket b/units/systemd-journald-audit.socket
index 541f2cf38d374b16a232fd88b039ad9401924f90..6ee86214c482638491d16e037d36bf2f49261587 100644 (file)
--- a/units/systemd-journald-audit.socket
+++ b/units/systemd-journald-audit.socket
@@ -12,6 +12,7 @@ DefaultDependencies=no
 Before=sockets.target
 ConditionSecurity=audit
 ConditionCapability=CAP_AUDIT_READ
+ConditionVirtualization=!private-users
 
 [Socket]
 Service=systemd-journald.service
Unnamed repository; edit this file 'description' to name the repository.