From 1e160e5cb387900df8c47e87b9378c6e7df05777 Mon Sep 17 00:00:00 2001
From: Sergey Vojtovich <svoj@mariadb.org>
Date: Wed, 17 Aug 2016 13:57:34 +0400
Subject: MDEV-10404 - Improved systemd service hardening causes SELinux
 problems

Disabled NoNewPrivileges until SELinux policy is fixed.
---
 support-files/mariadb.service.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'support-files/mariadb.service.in')

diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
index 879c4d90a6c..6b8b2ba0ba3 100644
--- a/support-files/mariadb.service.in
+++ b/support-files/mariadb.service.in
@@ -48,7 +48,8 @@ CapabilityBoundingSet=CAP_IPC_LOCK
 # Prevent writes to /usr, /boot, and /etc
 ProtectSystem=full
 
-NoNewPrivileges=true
+# Doesn't yet work properly with SELinux enabled
+# NoNewPrivileges=true
 
 PrivateDevices=true
 
-- 
cgit v1.2.1