[please keep me in CC, I'm not subscribed] Hi all,
Slim upstream added CapabilityBoundingSet=~CAP_SYS_PTRACE to the slim.service file, apparently to silence lintian messages [1]. This breaks some admin commands [2] in a non obvious way and so causes surprise to users. To avoid surprises to our users (and possibly document this behaviour in release notes) I think is better if this kind of hardening is kept consistent across all login managers in Debian, so either slims service drops the capability line or all other login managers (gdm lightdm sddm..) adds it to their services. I'd go with the former (patch slim service): what do you think? Lorenzo [1] https://sourceforge.net/p/slim-fork/code/60/# [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107505
