summaryrefslogtreecommitdiffstats
path: root/units/systemd-networkd.service.in
diff options
context:
space:
mode:
authorYu Watanabe <watanabe.yu+github@gmail.com>2018-05-22 15:37:34 +0200
committerYu Watanabe <watanabe.yu+github@gmail.com>2018-05-22 15:37:34 +0200
commitd4e9e574ea0b5d23598a317e68399584d229568b (patch)
tree1c1bffeae5e358d02d95be07776cf020e7f3569b /units/systemd-networkd.service.in
parentresolve: enable DynamicUser= for systemd-resolved.service (diff)
downloadsystemd-d4e9e574ea0b5d23598a317e68399584d229568b.tar.xz
systemd-d4e9e574ea0b5d23598a317e68399584d229568b.zip
network: set DynamicUser= to systemd-networkd.service
Diffstat (limited to 'units/systemd-networkd.service.in')
-rw-r--r--units/systemd-networkd.service.in4
1 files changed, 2 insertions, 2 deletions
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index d05b334722..adb219a01d 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-networkd.service(8)
ConditionCapability=CAP_NET_ADMIN
DefaultDependencies=no
# systemd-udevd.service can be dropped once tuntap is moved to netlink
-After=systemd-udevd.service network-pre.target systemd-sysusers.service systemd-sysctl.service
+After=systemd-udevd.service network-pre.target systemd-sysctl.service
Before=network.target multi-user.target shutdown.target
Conflicts=shutdown.target
Wants=network.target
@@ -25,9 +25,9 @@ RestartSec=0
ExecStart=!!@rootlibexecdir@/systemd-networkd
WatchdogSec=3min
User=systemd-network
+DynamicUser=yes
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
-ProtectSystem=strict
ProtectHome=yes
ProtectControlGroups=yes
ProtectKernelModules=yes
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 20:25:22 +0100