Skip to content
Commit 0d787d5f authored by Lennart Poettering's avatar Lennart Poettering Committed by Zbigniew Jędrzejewski-Szmek
Browse files

Only drop the capabilities from the bounding set if we are running as PID1 (#6204) 

The CapabilityBoundingSet option only makes sense if we are running as
PID1.

The system.conf.d(5) manpage, already states that the CapabilityBoundingSet
option:
  Controls which capabilities to include in the capability bounding set
  for PID 1 and its children.

https://github.com/systemd/systemd/issues/6080
parent 1f47f550
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment