diff options
author | José Bollo <jose.bollo@iot.bzh> | 2016-10-14 13:25:07 +0200 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2016-10-24 09:49:39 +0200 |
commit | eadecc11aac1b0de7a0841213f647e35ccf5a6a1 (patch) | |
tree | db443902bd5ce9b9081373c81458ee1d1cbf6585 /meta-sota/recipes-core/images/initramfs-ostree-image.bb | |
parent | e05a392cf438438bf5636dfc31f95c40b27b67a8 (diff) |
FWK: Adaptations for jethro
Since introduction of ambient capabilities,
systemd deprecated the use of Capabilities.
With systemd 229 activated with krogoth,
the use of Capabilities does nothing.
This commits avoids to use SecureBits and Capabilities.
It now relies on the fact that post installations are
setting the capabilities to the file:
- setcap cap_mac_override,cap_dac_override=ep afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon
Using p (permitted) instead of i (inherited) that was
previously used.
It also includes evolutions of the security model to be synchronized
with the deletion of 'User'. The recommended version to use now
is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285.
Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-sota/recipes-core/images/initramfs-ostree-image.bb')
0 files changed, 0 insertions, 0 deletions