mirror of
https://github.com/systemd/systemd.git
synced 2026-06-24 08:47:49 +00:00
b49a4696c4
If sh is not bash, some builtin command behave slightly differently. E.g. if sh is provided by busybox, its builtin test command does not check if the path is a mount point or not, and 'test -w' only checks the access mode of the inode. So, even if a readonly filesystem is mounted on a directory, the test command may succeed. To avoid such confusion, let's unconditionally use bash.
10 lines
328 B
Desktop File
10 lines
328 B
Desktop File
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
[Unit]
|
|
Description=Test CAP_SYSLOG for ProtectKernelLogs=yes
|
|
|
|
[Service]
|
|
ProtectKernelLogs=yes
|
|
# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output
|
|
ExecStart=bash -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_syslog'
|
|
Type=oneshot
|