Tree - rpms/irqbalance - CentOS Git server

Blob History Raw

		0ca777	`From 43751dfc7f29fbf2c46ffcd4fdb6d3f6db291927 Mon Sep 17 00:00:00 2001`
		0ca777	`From: Neil Horman <nhorman@gmail.com>`
		0ca777	`Date: Wed, 12 May 2021 09:26:10 -0400`
		0ca777	`Subject: [PATCH] drop NoNewPrivs from irqbalance service`
		0ca777
		0ca777	`A recent update to libcapng is issuing an error in the system log,`
		0ca777	`caused by the fact that irqbalance attempts to drop capabilities when`
		0ca777	`the systemd service unit has already done so for us. Since irqbalance`
		0ca777	`drops the caps correctly, theres really no need for us to do so via`
		0ca777	`systemd as well. So lets drop NoNewCaps in the service unit.`
		0ca777
		0ca777	`Signed-off-by: Neil Horman <nhorman@tuxdriver.com>`
		0ca777	`---`
		0ca777	`misc/irqbalance.service \| 1 -`
		0ca777	`1 file changed, 1 deletion(-)`
		0ca777
		0ca777	`diff --git a/misc/irqbalance.service b/misc/irqbalance.service`
		0ca777	`index e7a3336..014798c 100644`
		0ca777	`--- a/misc/irqbalance.service`
		0ca777	`+++ b/misc/irqbalance.service`
		0ca777	`@@ -9,7 +9,6 @@ EnvironmentFile=-/usr/lib/irqbalance/defaults.env`
		0ca777	`EnvironmentFile=-/path/to/irqbalance.env`
		0ca777	`ExecStart=/usr/sbin/irqbalance --foreground $IRQBALANCE_ARGS`
		0ca777	`CapabilityBoundingSet=`
		0ca777	`-NoNewPrivileges=yes`
		0ca777	`ReadOnlyPaths=/`
		0ca777	`ReadWritePaths=/proc/irq`
		0ca777	`RestrictAddressFamilies=AF_UNIX`
		0ca777	`--`
		0ca777	`2.31.1`
		0ca777