test/test-execute/exec-ambientcapabilities-nfsnobody.service


1
2
3
4
5
6
7
8

[Unit]
Description=Test for AmbientCapabilities

[Service]
ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb:	0000000000002001"'
Type=oneshot
User=nfsnobody
AmbientCapabilities=CAP_CHOWN CAP_NET_RAW