diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2017-10-06 16:05:20 +0900 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2017-10-06 16:05:20 +0900 |
| commit | 48d3e88c18258d423c3953372ec4a2e638ab0422 (patch) | |
| tree | 623f2f4ab2177226dc19164db6cdafe6483a17dc /units | |
| parent | c31ad024034c97ab8343810822541407aa91b73b (diff) | |
| download | systemd-48d3e88c18258d423c3953372ec4a2e638ab0422.tar.gz | |
timesyncd: enable DynamicUser=
Diffstat (limited to 'units')
| -rw-r--r-- | units/systemd-timesyncd.service.in | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in index 8d3f46cf5e..ed4bc8e552 100644 --- a/units/systemd-timesyncd.service.in +++ b/units/systemd-timesyncd.service.in @@ -23,11 +23,10 @@ RestartSec=0 ExecStart=!!@rootlibexecdir@/systemd-timesyncd WatchdogSec=3min User=systemd-timesync +DynamicUser=yes CapabilityBoundingSet=CAP_SYS_TIME AmbientCapabilities=CAP_SYS_TIME -PrivateTmp=yes PrivateDevices=yes -ProtectSystem=strict ProtectHome=yes ProtectControlGroups=yes ProtectKernelTunables=yes |