summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Pokorný <jpokorny@redhat.com>2013-10-23 23:38:11 +0200
committerJan Pokorný <jpokorny@redhat.com>2013-10-23 23:38:11 +0200
commit6e5482a0c0a55bca012c897e94c58aca79acf5e7 (patch)
tree5df57707922c6a75957a54f137ce0f6103519186
parent5683f125c2dbf48f40e46e60b53eb60a2b133fa4 (diff)
downloadcluster-overview-6e5482a0c0a55bca012c897e94c58aca79acf5e7.zip
cluster-overview-6e5482a0c0a55bca012c897e94c58aca79acf5e7.tar.gz
cluster-overview-6e5482a0c0a55bca012c897e94c58aca79acf5e7.tar.xz
Start tracking capabilities as a security property
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
-rw-r--r--lib_cman.py1
1 files changed, 1 insertions, 0 deletions
diff --git a/lib_cman.py b/lib_cman.py
index 8507c84..633a013 100644
--- a/lib_cman.py
+++ b/lib_cman.py
@@ -146,6 +146,7 @@ class CmanRicci(Daemon):
euser='ricci',
egroup='root',
label='unconfined_u:system_r:ricci_t:s0',
+ capabilities='CAP_SYS_BOOT (+ temporarily CAP_SETUID)'
)
miscprops = dict(
common_thread_cnt=1,