On 13/05/2019 09:31, Kristoffel Pirard wrote:
The dnsmasq man page for the --user parameter says that "Dnsmasq must
_normally_ be started as root". We tested starting as non-root user,
but with capabilities cap_net_bind_service, cap_net_admin, cap_net_raw.
It currently seems to work, but I'm debating if we should actually use
this 'hack'.
So should the ambiguous adverb 'normally' be removed from the
documentation? If not, what are the circumstances in which it is
allowed to not start as root?
The whole world is not Linux. Most other OS's don't have these caps.
Roy
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
