From ae1ba4dbe3c1395484f8f01f522630a333630332 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 29 Dec 2022 21:10:22 +0100 Subject: ... --- hosts/vidhar/prometheus/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'hosts/vidhar/prometheus/default.nix') diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index c0d41743..6bfa0b49 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix @@ -401,6 +401,7 @@ in { ] ++ cfg.extraFlags)}"; ReadWritePaths = ["/run/dbus/system_bus_socket"]; BindReadOnlyPaths = ["/proc" "/sys"]; + CapabilityBoundingSet = ["CAP_DAC_OVERRIDE"]; AmbientCapabilities = ["CAP_DAC_OVERRIDE"]; }; }; -- cgit v1.2.3