systemd/exec-ambientcapabilities-dynuser.service at b49595503dd8e41fc44cfdedfaa5d5c111c28610 - systemd - Gitea: Git with a cup of tea

IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to Administrator. User accounts are meant only to access repo and report issues and/or generate pull requests. This is a purpose-specific Git hosting for BaseALT projects. Thank you for your understanding!

Только зарегистрированные пользователи имеют доступ к сервису! Для получения аккаунта, обратитесь к администратору.

shaba/systemd

mirror of https://github.com/systemd/systemd.git synced 2025-01-21 22:04:01 +03:00

Luca Boccassi f4a35f2ad9 core: do not drop CAP_SETUID if it is in AmbientCapabilities=

Follow-up for 24832d10b604848cf46624bb439c7fac27f3ce3f

2023-12-01 10:48:14 +00:00

11 lines

324 B

Desktop File

Raw Blame History

 # SPDX-License-Identifier: LGPL-2.1-or-later
 [Unit]
 Description=Test for AmbientCapabilities (dynamic user)
 [Service]
 ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb:	0000000000002081"'
 Type=oneshot
 AmbientCapabilities=CAP_CHOWN CAP_SETUID CAP_NET_RAW
 DynamicUser=yes
 PrivateUsers=yes