diff --git a/ChangeLog b/ChangeLog index 0996042..58220e1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ # ChangeLog for squashmount +*squashmount-15.4.0_p1 + Martin Väth : + - Work around systemd cap https://github.com/vaeth/squashmount/issues/7 + *squashmount-15.4.0 Martin Väth : - Honour BLOCKSIZE for files in DIFF diff --git a/systemd/system/squashmount.service b/systemd/system/squashmount.service index 1552a2c..e81f399 100644 --- a/systemd/system/squashmount.service +++ b/systemd/system/squashmount.service @@ -7,10 +7,7 @@ After=local-fs.target systemd-tmpfiles-setup.service # long timeout in /etc/systemd/system/squashmount.service.d/timeout.conf TimeoutStopSec=1800 Type=oneshot -CapabilityBoundingSet= -CapabilityBoundingSet=CAP_SYS_ADMIN -CapabilityBoundingSet=CAP_CHOWN -CapabilityBoundingSet=CAP_SYS_MODULE +CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_SYS_ADMIN CAP_SYS_MODULE MemoryDenyWriteExecute=true NoNewPrivileges=true PrivateNetwork=true