summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/connman.service.in2
-rw-r--r--src/connman_tv.service.in2
-rwxr-xr-xsrc/net.connman.service.in2
3 files changed, 5 insertions, 1 deletions
diff --git a/src/connman.service.in b/src/connman.service.in
index adf7a62a..503ec455 100755
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -9,6 +9,8 @@ BusName=net.connman
Restart=on-failure
ExecStart=@sbindir@/connmand -n --noplugin vpn
StandardOutput=null
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/connman_tv.service.in b/src/connman_tv.service.in
index 2922aa86..c0328467 100644
--- a/src/connman_tv.service.in
+++ b/src/connman_tv.service.in
@@ -7,6 +7,8 @@ BusName=net.connman
RemainAfterExit=yes
ExecStartPre=/usr/bin/dbus-send --system --dest=net.netconfig / net.netconfig.auto.activate
ExecStart=/usr/sbin/connmand --noplugin vpn
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/net.connman.service.in b/src/net.connman.service.in
index f7f6a7c0..9679c1be 100755
--- a/src/net.connman.service.in
+++ b/src/net.connman.service.in
@@ -1,5 +1,5 @@
[D-BUS Service]
Name=net.connman
-Exec=@sbindir@/connmand -n
+Exec=/bin/false
User=root
SystemdService=connman.service
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 20:44:31 +0000