u9fs service: grant capabilities for running as nobody
This commit is contained in:
Emery Hemingway
Emery Hemingway
parent
87c1097af1
commit
12b6c4d4de
@ -67,6 +67,7 @@ in
|
|||||||
StandardInput = "socket";
|
StandardInput = "socket";
|
||||||
StandardError = "journal";
|
StandardError = "journal";
|
||||||
User = cfg.user;
|
User = cfg.user;
|
||||||
|
AmbientCapabilities = "cap_setuid cap_setgid";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user