From 46e35ce1ff7da5ceeac8fa50393c5c1c37fccc0a Mon Sep 17 00:00:00 2001
From: Stephane Desneux <stephane.desneux@iot.bzh>
Date: Wed, 6 Feb 2019 17:31:14 +0100
Subject: Revert "afm-unit: Restore removal of capabilities"

This reverts commit f2a2f1357a5268b614528feeba0a91f4ea04a7aa.

Change-Id: I7ff68f27b75c9ddb887470c5579e7b9277aa3613
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
---
 conf/unit/generate-unit-conf/service.inc | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'conf/unit/generate-unit-conf')

diff --git a/conf/unit/generate-unit-conf/service.inc b/conf/unit/generate-unit-conf/service.inc
index 59df916..961a262 100644
--- a/conf/unit/generate-unit-conf/service.inc
+++ b/conf/unit/generate-unit-conf/service.inc
@@ -70,14 +70,13 @@ SuccessExitStatus=0 SIGKILL
 User=%i
 Slice=user-%i.slice
 
-CapabilityBoundingSet=
+#CapabilityBoundingSet=
 #AmbientCapabilities=
 
 ON_PERM(:platform:no-oom,   OOMScoreAdjust=-500)
 ON_PERM(:partner:real-time, IOSchedulingClass=realtime)
+ON_PERM(:public:display,    SupplementaryGroups=display)
 ON_PERM(:public:syscall:clock, , SystemCallFilter=~@clock)
-#ON_PERM(:public:display,    SupplementaryGroups=display)
-SupplementaryGroups=display
 %nl
 
 WorkingDirectory=-APP_DATA_DIR/{{:id}}
-- 
cgit 1.2.3-korg