summaryrefslogtreecommitdiffstats
path: root/units/systemd-networkd.service.in
diff options
context:
space:
mode:
Diffstat (limited to 'units/systemd-networkd.service.in')
-rw-r--r--units/systemd-networkd.service.in6
1 files changed, 3 insertions, 3 deletions
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index 6141fdbb6d..cf81c7d841 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -20,9 +20,9 @@ Conflicts=shutdown.target initrd-switch-root.target
Wants=systemd-networkd.socket network.target systemd-networkd-persistent-storage.service
[Service]
-AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_BPF CAP_SYS_ADMIN
BusName=org.freedesktop.network1
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_BPF CAP_SYS_ADMIN
DeviceAllow=char-* rw
ExecStart=!!{{LIBEXECDIR}}/systemd-networkd
FileDescriptorStoreMax=512
@@ -48,7 +48,7 @@ RuntimeDirectory=systemd/netif
RuntimeDirectoryPreserve=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
-SystemCallFilter=@system-service
+SystemCallFilter=@system-service bpf
Type=notify-reload
User=systemd-network
{{SERVICE_WATCHDOG}}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 17:40:50 +0100