On 13/05/2019 09:31, Kristoffel Pirard wrote:
The dnsmasq man page for the --user parameter says that "Dnsmasq must _normally_ be started as root".  We tested starting as non-root user, but with capabilities cap_net_bind_service, cap_net_admin, cap_net_raw. It currently seems to work, but I'm debating if we should actually use this 'hack'.

So should the ambiguous adverb 'normally' be removed from the documentation?  If not, what are the circumstances in which it is allowed to not start as root?

The whole world is not Linux. Most other OS's don't have these caps.


Dnsmasq-discuss mailing list

Reply via email to