diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-05-20 17:40:05 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-05-20 17:40:05 +0200 |
commit | 01906c76c1a6eafc0dccf83b672ff1f3ed3e3338 (patch) | |
tree | 77ba806865211544ee85db53e0b3283dd115e39f | |
parent | util: introduce reset_uid_gid() for resetting all uids and gids to 0 (diff) | |
download | systemd-01906c76c1a6eafc0dccf83b672ff1f3ed3e3338.tar.xz systemd-01906c76c1a6eafc0dccf83b672ff1f3ed3e3338.zip |
units: conditionalize audit multicast socket on CAP_AUDIT_READ
The multicast logic can only work if the capability is available, hence
require it.
-rw-r--r-- | units/systemd-journald-audit.socket | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/units/systemd-journald-audit.socket b/units/systemd-journald-audit.socket index 35397aaeb8..541f2cf38d 100644 --- a/units/systemd-journald-audit.socket +++ b/units/systemd-journald-audit.socket @@ -11,6 +11,7 @@ Documentation=man:systemd-journald.service(8) man:journald.conf(5) DefaultDependencies=no Before=sockets.target ConditionSecurity=audit +ConditionCapability=CAP_AUDIT_READ [Socket] Service=systemd-journald.service |