    [systemd] Add capabilities required by compositor killer. Fixes JB#48754 · d9f65fc6
    spiiroin authored
    The intent is that (devel flavor) mce will make an attempt to
    coredump / kill compositor process that stops responding to
    display blank/unblank control ipc - when it is unlikely that
    compositor is unresponsive because it has been stopped in
    debugger. This feature stopped working after systemd sandboxing
    features were taken in use.
    Add CAP_SYS_PTRACE - required by debugger detection.
    Add CAP_KILL - required for sending signals to unrelated processes.
    Add diagnostic logging in error paths of related code.
    Signed-off-by: Simo Piiroinen <simo.piiroinen@jollamobile.com>