summaryrefslogtreecommitdiff
path: root/test/test-execute/exec-protectkernelmodules-no-capabilities.service
blob: 8d7e2b52d4446e1e4f7dae125005826ddb7eed28 (plain) 
1
2
3
4
5
6
7
8

[Unit]
Description=Test CAP_SYS_MODULE ProtectKernelModules=no

[Service]
ProtectKernelModules=no
# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module'
Type=oneshot
View Lorry Controller Status