3 files changed, 16 insertions, 0 deletions

diff --git a/test/meson.build b/test/meson.build
index 24ab4d1dee..eeb3c5f8f0 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -109,6 +109,8 @@ test_data_files = '''
         test-execute/exec-privatetmp-no.service
         test-execute/exec-privatetmp-yes.service
         test-execute/exec-protecthome-tmpfs-vs-protectsystem-strict.service
+        test-execute/exec-protectkernellogs-yes-capabilities.service
+        test-execute/exec-protectkernellogs-no-capabilities.service
         test-execute/exec-protectkernelmodules-no-capabilities.service
         test-execute/exec-protectkernelmodules-yes-capabilities.service
         test-execute/exec-protectkernelmodules-yes-mount-propagation.service
diff --git a/test/test-execute/exec-protectkernellogs-no-capabilities.service b/test/test-execute/exec-protectkernellogs-no-capabilities.service
new file mode 100644
index 0000000000..f0c7d4d685
--- /dev/null
+++ b/test/test-execute/exec-protectkernellogs-no-capabilities.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test CAP_SYSLOG for ProtectKernelLogs=no
+
+[Service]
+ProtectKernelLogs=no
+ExecStart=/bin/sh -x -c 'capsh --print | grep cap_syslog'
+Type=oneshot
diff --git a/test/test-execute/exec-protectkernellogs-yes-capabilities.service b/test/test-execute/exec-protectkernellogs-yes-capabilities.service
new file mode 100644
index 0000000000..803ba7d552
--- /dev/null
+++ b/test/test-execute/exec-protectkernellogs-yes-capabilities.service
@@ -0,0 +1,7 @@
+[Unit]
+Description=Test CAP_SYSLOG for ProtectKernelLogs=yes
+
+[Service]
+ProtectKernelLogs=yes
+ExecStart=/bin/sh -x -c '! capsh --print | grep cap_syslog'
+Type=oneshot