commit: b8b1f0f3be5a01f3d47c2a1865113eb076376cc2
Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 8 20:54:26 2016 +0000
Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
CommitDate: Mon Aug 8 20:54:26 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b8b1f0f3
net-misc/radvd: fixing the systemd unit
Package-Manager: portage-2.2.28
net-misc/radvd/files/radvd.service | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/net-misc/radvd/files/radvd.service
b/net-misc/radvd/files/radvd.service
index a3ac66f..b496267 100644
--- a/net-misc/radvd/files/radvd.service
+++ b/net-misc/radvd/files/radvd.service
@@ -4,18 +4,15 @@ Documentation=man:radvd(8)
After=network.target
[Service]
-User=radvd
-Group=radvd
Type=forking
ExecStartPre=/usr/sbin/radvd --configtest
-ExecStart=/usr/sbin/radvd --logmethod stderr --debug 0
+ExecStart=/usr/sbin/radvd --username radvd --logmethod stderr --debug 0
ExecReload=/usr/sbin/radvd --configtest ; \
/bin/kill -HUP $MAINPID
CPUSchedulingPolicy=idle
PIDFile=/run/radvd/radvd.pid
RuntimeDirectory=radvd
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
-AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_NET_RAW
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=full
