remove Capabilities limit: it causes failure on external commands
parent
cbb15ae4ab
commit
7f8ae95a5f
|
@ -5,7 +5,6 @@ Description=Initialization of pyruse module %I
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=/usr/bin/pyruse-boot "%I"
|
ExecStart=/usr/bin/pyruse-boot "%I"
|
||||||
WorkingDirectory=/etc/pyruse
|
WorkingDirectory=/etc/pyruse
|
||||||
CapabilityBoundingSet=CAP_SYS_CHROOT
|
|
||||||
NoNewPrivileges=true
|
NoNewPrivileges=true
|
||||||
PrivateDevices=yes
|
PrivateDevices=yes
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
|
|
|
@ -4,7 +4,6 @@ Description=Route systemd-journal logs to filters and actions (ban, report…)
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=/usr/bin/pyruse
|
ExecStart=/usr/bin/pyruse
|
||||||
WorkingDirectory=/etc/pyruse
|
WorkingDirectory=/etc/pyruse
|
||||||
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT
|
|
||||||
NoNewPrivileges=true
|
NoNewPrivileges=true
|
||||||
PrivateDevices=yes
|
PrivateDevices=yes
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
|
|
Loading…
Reference in New Issue