systemd: grant the daemon a license to kill kids

It's for their own good. Otherwise stale dnsmasq instances haunt the shared connections.
author: Lubomir Rintel <lkundrak@v3.sk> 2015-10-08 19:14:43 +0200
committer: Lubomir Rintel <lkundrak@v3.sk> 2015-10-08 19:23:53 +0200
commit: 97a962a7886cf67fcdf6b73b707d126673672403 (patch)
tree: c45ca4651e2cf80dfbd2f3912730f7bae6ca4084
parent: 68eb350ad897abe1bd3e6fe11218f8ce688812af (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index fbaf77d855..6690f5a570 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -11,7 +11,7 @@ ExecStart=@sbindir@/NetworkManager --no-daemon
 Restart=on-failure
 # NM doesn't want systemd to kill its children for it
 KillMode=process
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE CAP_KILL
 ProtectSystem=true
 ProtectHome=read-only
author	Lubomir Rintel <lkundrak@v3.sk>	2015-10-08 19:14:43 +0200
committer	Lubomir Rintel <lkundrak@v3.sk>	2015-10-08 19:23:53 +0200
commit	97a962a7886cf67fcdf6b73b707d126673672403 (patch)
tree	c45ca4651e2cf80dfbd2f3912730f7bae6ca4084
parent	68eb350ad897abe1bd3e6fe11218f8ce688812af (diff)