mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-09-28 20:34:04 +00:00
service: remove a misleading comment
The comment makes it sounds as if we could do without CAP_DAC_OVERRIDE if we don't use OpenVSwitch, which is not true. At the very least it's needed by the VPN plugins we spawn to access cert/key material from users' homes.
This commit is contained in:
parent
3ade788716
commit
fe65ca77d7
|
@ -19,7 +19,6 @@ KillMode=process
|
|||
# With a huge number of interfaces, starting can take a long time.
|
||||
TimeoutStartSec=600
|
||||
|
||||
# CAP_DAC_OVERRIDE: required to open /run/openvswitch/db.sock socket.
|
||||
CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE CAP_KILL CAP_SYS_CHROOT
|
||||
|
||||
ProtectSystem=true
|
||||
|
|
Loading…
Reference in a new issue