Remove redundant capabilities in charon Apparmor profiles

author: Simon Deziel <simon@sdeziel.info> 2018-09-20 17:13:12 -0400
committer: Simon Deziel <simon@sdeziel.info> 2018-09-24 11:59:39 -0400
commit: ae0b23db71d7e1298cf0adcf6bf2a0d50c714481 (patch)
tree: b5da9811488b536569cb54ccf6c4f9d2385c343e
parent: 912855f3b02f430cbbb77d1f6d5cb44d271ee698 (diff)
download: vyos-strongswan-ae0b23db71d7e1298cf0adcf6bf2a0d50c714481.tar.gz
vyos-strongswan-ae0b23db71d7e1298cf0adcf6bf2a0d50c714481.zip
2 files changed, 0 insertions, 6 deletions
diff --git a/debian/usr.lib.ipsec.charon b/debian/usr.lib.ipsec.charon
index a13e3a2d4..de110d837 100644
--- a/debian/usr.lib.ipsec.charon
+++ b/debian/usr.lib.ipsec.charon
@@ -35,9 +35,6 @@
   # libstrongswan-standard-plugins: agent
   capability dac_override,
 
-  capability net_admin,
-  capability net_raw,
-
   network,
   network raw,
 
diff --git a/debian/usr.sbin.charon-systemd b/debian/usr.sbin.charon-systemd
index 9776e2944..0540b89e0 100644
--- a/debian/usr.sbin.charon-systemd
+++ b/debian/usr.sbin.charon-systemd
@@ -35,9 +35,6 @@
   # libstrongswan-standard-plugins: agent
   capability dac_override,
 
-  capability net_admin,
-  capability net_raw,
-
   network,
   network raw,
author	Simon Deziel <simon@sdeziel.info>	2018-09-20 17:13:12 -0400
committer	Simon Deziel <simon@sdeziel.info>	2018-09-24 11:59:39 -0400
commit	ae0b23db71d7e1298cf0adcf6bf2a0d50c714481 (patch)
tree	b5da9811488b536569cb54ccf6c4f9d2385c343e
parent	912855f3b02f430cbbb77d1f6d5cb44d271ee698 (diff)
download	vyos-strongswan-ae0b23db71d7e1298cf0adcf6bf2a0d50c714481.tar.gz vyos-strongswan-ae0b23db71d7e1298cf0adcf6bf2a0d50c714481.zip