Skip to content
Permalink
Browse files

systemd-tmpfiles performs operations on System V IPC objects which re…

…quires sys_admin capability. BZ(#1279269)
  • Loading branch information...
mgrepl committed Nov 20, 2015
1 parent 7dd4cfb commit 229a3478b788f1aadb4645c6f6260fdd7164e9b7
Showing with 1 addition and 1 deletion.
  1. +1 −1 policy/modules/system/systemd.te
@@ -346,7 +346,7 @@ optional_policy(`
# Local policy
#

allow systemd_tmpfiles_t self:capability { chown dac_override fsetid fowner mknod };
allow systemd_tmpfiles_t self:capability { chown dac_override fsetid fowner mknod sys_admin };
allow systemd_tmpfiles_t self:process { setfscreate };

allow systemd_tmpfiles_t self:unix_dgram_socket create_socket_perms;

0 comments on commit 229a347

Please sign in to comment.
You can’t perform that action at this time.