[Unit] Description=Network Manager Documentation=man:NetworkManager(8) Wants=network.target After=network-pre.target dbus.service Before=network.target [Service] Type=dbus BusName=org.freedesktop.NetworkManager ExecReload=/usr/bin/dbus-send --print-reply --system --type=method_call --dest=org.freedesktop.NetworkManager /org/freedesktop/NetworkManager org.freedesktop.NetworkManager.Reload uint32:0 #ExecReload=/bin/kill -HUP $MAINPID ExecStart=/usr/sbin/NetworkManager --no-daemon Restart=on-failure # NM doesn't want systemd to kill its children for it KillMode=process CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_MODULE CAP_AUDIT_WRITE CAP_KILL CAP_SYS_CHROOT # ibft settings plugin calls iscsiadm which needs CAP_SYS_ADMIN #CapabilityBoundingSet=CAP_SYS_ADMIN ProtectSystem=true ProtectHome=read-only [Install] WantedBy=multi-user.target Also=NetworkManager-dispatcher.service