settings: drop ibft settings pluginth/drop-ibft-settings-plugin

The functionality of the ibft settings plugin is now handled by nm-initrd-generator. There is no need for it anymore, drop it. Note that ibft called iscsiadm, which requires CAP_SYS_ADMIN to work ([1]). We really want to drop this capability, so the current solution of a settings plugin (as it is implemented) is wrong. The solution instead is nm-initrd-generator. Also, on Fedora the ibft was disabled and probably on most other distributions as well. This was only used on RHEL. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1371201#c7
author: Thomas Haller <thaller@redhat.com> 2019-06-19 07:47:20 +0200
committer: Thomas Haller <thaller@redhat.com> 2019-06-20 16:06:44 +0200
commit: 74641be816a201fdb704a7a8084a791ea5c76c9f (patch)
tree: a7210659ef1602fbfa941d8ea18c6a560c732995 /data/NetworkManager.service.in
parent: f182d4fa20634ae8691757721b0e925ddb0af4cb (diff)
download: NetworkManager-74641be816a201fdb704a7a8084a791ea5c76c9f.tar.gz
1 files changed, 0 insertions, 3 deletions
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index ff90456ffd..2f442bf233 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -16,9 +16,6 @@ Restart=on-failure
 KillMode=process
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE CAP_KILL CAP_SYS_CHROOT
 
-# ibft settings plugin calls iscsiadm which needs CAP_SYS_ADMIN
-#CapabilityBoundingSet=CAP_SYS_ADMIN
-
 ProtectSystem=true
 ProtectHome=read-only
author	Thomas Haller <thaller@redhat.com>	2019-06-19 07:47:20 +0200
committer	Thomas Haller <thaller@redhat.com>	2019-06-20 16:06:44 +0200
commit	74641be816a201fdb704a7a8084a791ea5c76c9f (patch)
tree	a7210659ef1602fbfa941d8ea18c6a560c732995 /data/NetworkManager.service.in
parent	f182d4fa20634ae8691757721b0e925ddb0af4cb (diff)
download	NetworkManager-74641be816a201fdb704a7a8084a791ea5c76c9f.tar.gz