yves
/
pyruse
1
0
Fork 0
Code Issues 1 Pull Requests 0 Releases 3 Wiki Activity
Browse Source

CAP_SYS_ADMIN needed for running commands in a container (nsenter)

master
Y 3 years ago
parent
6a5de578bb
commit
75800a616f
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      extra/systemd/pyruse.service

+ 1
- 1
extra/systemd/pyruse.service View File

@ -4,7 +4,7 @@ Description=Route systemd-journal logs to filters and actions (ban, report…)
[Service]
ExecStart=/usr/bin/pyruse
WorkingDirectory=/etc/pyruse
CapabilityBoundingSet=CAP_SYS_CHROOT
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT
NoNewPrivileges=true
PrivateDevices=yes
PrivateTmp=yes


Write Preview
Loading…
Cancel
Save