From 9f44caae26b568b807c0296ea4f7e7eed112fc83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20V=C3=A4th?= <martin@mvath.de>
Date: Sun, 16 Jul 2017 19:08:38 +0200
Subject: [PATCH] Remove Remove CapabilityBoundingSet: It breaks overlay

---
 ChangeLog                          | 4 ++++
 systemd/system/squashmount.service | 1 -
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index a984dd4..a04dc34 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 # ChangeLog for squashmount
 
+*squashmount-15.4.3_p2
+	Martin Väth <martin at mvath.de>:
+	- Remove CapabilityBoundingSet: It breaks overlay and possibly others
+
 *squashmount-15.4.3_p1
 	Martin Väth <martin at mvath.de>:
 	- Fix systemd unit paths in README
diff --git a/systemd/system/squashmount.service b/systemd/system/squashmount.service
index e81f399..c1e1d2f 100644
--- a/systemd/system/squashmount.service
+++ b/systemd/system/squashmount.service
@@ -7,7 +7,6 @@ After=local-fs.target systemd-tmpfiles-setup.service
 # long timeout in /etc/systemd/system/squashmount.service.d/timeout.conf
 TimeoutStopSec=1800
 Type=oneshot
-CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_SYS_ADMIN CAP_SYS_MODULE
 MemoryDenyWriteExecute=true
 NoNewPrivileges=true
 PrivateNetwork=true