rpms/irqbalance
5
0
Fork 0
Code Issues Pull Requests Releases Activity
d07b107d95
irqbalance/irqbalance-1.8.0-Drop-CapabilityBoundingSet-from-irqbalance-service.patch
Kairui Song 27bd99336e Release 1.8.0-4 
Drop CapabilityBoundingSet from irqbalance service

Resolves: rhbz1963152

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-09-27 01:26:32 +08:00

33 lines
1.1 KiB
Diff
Raw Blame History

From efab2725ea5165732c5e98c0e083a4eec6e355e3 Mon Sep 17 00:00:00 2001
From: Kairui Song <kasong@redhat.com>
Date: Fri, 24 Sep 2021 17:43:30 +0800
Subject: [PATCH] Drop CapabilityBoundingSet from irqbalance service
libcapng is issuing an error in the system log when irqbalance attempts
to drop capabilities, but systemd service unit has already done dropped
all capabilities. commit 43751df tried to fix this but it didn't fix it
completely. CapabilityBoundingSet also need to be dropped.
Fixes #182
Signed-off-by: Kairui Song <kasong@redhat.com>
---
misc/irqbalance.service | 1 -
1 file changed, 1 deletion(-)
diff --git a/misc/irqbalance.service b/misc/irqbalance.service
index 014798c..fcc29c2 100644
--- a/misc/irqbalance.service
+++ b/misc/irqbalance.service
@@ -8,7 +8,6 @@ ConditionVirtualization=!container
EnvironmentFile=-/usr/lib/irqbalance/defaults.env
EnvironmentFile=-/path/to/irqbalance.env
ExecStart=/usr/sbin/irqbalance --foreground $IRQBALANCE_ARGS
-CapabilityBoundingSet=
ReadOnlyPaths=/
ReadWritePaths=/proc/irq
RestrictAddressFamilies=AF_UNIX
--
2.31.1
Reference in New Issue View Git Blame Copy Permalink