Fix systemd service: Disable NoNewPrivileges

NoNewPrivileges=true prevents file capabilities from working. Since we need CAP_NET_RAW/CAP_NET_ADMIN for Bluetooth, we must disable this security feature.
2025-12-27 14:17:36 +01:00
parent b740372d88
commit f36257226f
1 changed files with 3 additions and 1 deletions
--- a/systemd/sensorpajen.service
+++ b/systemd/sensorpajen.service
@@ -23,7 +23,9 @@ StandardError=journal
 SyslogIdentifier=sensorpajen

 # Security
-NoNewPrivileges=true
+# Note: NoNewPrivileges=true can prevent file capabilities from working
+# We need capabilities for Bluetooth access, so we can't use it
+#NoNewPrivileges=true
 PrivateTmp=true

 [Install]