Code Review / src / app-framework-main.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
service :set the capabilities
[src/app-framework-main.git] / conf / afm-system-daemon.service
diff --git a/conf/afm-system-daemon.service b/conf/afm-system-daemon.service
index 80c880f..b14f417 100644 (file)
--- a/conf/afm-system-daemon.service
+++ b/conf/afm-system-daemon.service
@@ -8,6 +8,9 @@ Group=afm
 ExecStart=/usr/bin/afm-system-daemon
 Restart=on-failure
 RestartSec=5
+CapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_MAC_OVERRIDE
+SecureBits=keep-caps
+Capabilities=cap_dac_override,cap_mac_override=i
 
 [Install]
 WantedBy=multi-user.target
Application Framework main service, maintained by iot.bzh team