summaryrefslogtreecommitdiff
path: root/src/etc/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc/security')
-rw-r--r--src/etc/security/capability.conf10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/etc/security/capability.conf b/src/etc/security/capability.conf
new file mode 100644
index 000000000..0a7235f16
--- /dev/null
+++ b/src/etc/security/capability.conf
@@ -0,0 +1,10 @@
+# this is a capability file (used in conjunction with the pam_cap.so module)
+
+# Special capability for Vyatta admin
+all %vyattacfg
+
+# Vyatta Operator
+cap_net_admin,cap_sys_boot,cap_audit_write %vyattaop
+
+## 'everyone else' gets no inheritable capabilities
+none *