From 04cfcd47ab4027e29d830cb8cdcf92b7dfc45003 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Mon, 22 Jun 2015 11:27:25 -0700 Subject: [PATCH] Granting CAP_SYS_ADMIN capability --- systemd/softether-vpnbridge.service | 3 +-- systemd/softether-vpnclient.service | 2 +- systemd/softether-vpnserver.service | 3 +-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/systemd/softether-vpnbridge.service b/systemd/softether-vpnbridge.service index d8b35d71..f1d6b894 100644 --- a/systemd/softether-vpnbridge.service +++ b/systemd/softether-vpnbridge.service @@ -16,8 +16,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnbridge -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE - +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN [Install] WantedBy=multi-user.target diff --git a/systemd/softether-vpnclient.service b/systemd/softether-vpnclient.service index f74b1cf8..b31267f5 100644 --- a/systemd/softether-vpnclient.service +++ b/systemd/softether-vpnclient.service @@ -17,7 +17,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnclient -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN [Install] WantedBy=multi-user.target diff --git a/systemd/softether-vpnserver.service b/systemd/softether-vpnserver.service index 553b5290..34b1c828 100644 --- a/systemd/softether-vpnserver.service +++ b/systemd/softether-vpnserver.service @@ -17,8 +17,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnserver -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE - +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN [Install] WantedBy=multi-user.target