Hi Ravi,

On Tue, 16 Aug 2022 at 07:52, Ravi Paluri (QUIC)
<quic_rpal...@quicinc.com> wrote:
>
> Hi Team,
>     We would like to set below capabilities for our process.
> * CAP_NET_ADMIN
> * CAP_NET_RAW
>
> Do we need to use APIs mentioned in https://linux.die.net/man/3/cap_set_flag 
> and https://linux.die.net/man/3/cap_set_proc to get this functionality?
>
> On Systemd, I see that this can be achieved by writing below lines in a 
> service file.
> CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
> AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW
>
> So, would like to know if there is anything similar that can be done in 
> procd init scripts?

OpenWrt has procd-ujail, to set capabilities with it:
https://github.com/openwrt/openwrt/blob/master/package/utils/busybox/files/sysntpd#L80
https://github.com/openwrt/openwrt/blob/master/package/utils/busybox/files/ntpd.capabilities

Best
Etienne

> Thanks,
> Ravi

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
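
A procd init script that uses procd-ujail to grant the two capabilities asked about, added here as an example (not code from the thread or from OpenWrt). The service name `mynetd`, its user and group, the paths, and the `caps_json` helper are hypothetical; the JSON layout and the `procd_*` calls follow the pattern of the linked ntpd files.

```shell
# Install as /etc/init.d/mynetd with "#!/bin/sh /etc/rc.common" as first line.
# Added example: "mynetd", its user/group and all paths are assumptions.
USE_PROCD=1
START=50

PROG=/usr/sbin/mynetd                     # hypothetical daemon
CAPS_FILE=/etc/capabilities/mynetd.json   # read by ujail
UJAIL=/sbin/ujail

# Capability sets for ujail. A package would normally ship this as a file;
# it is emitted by a function here so the example is self-contained.
# "bounding" caps what the process can ever hold (like systemd's
# CapabilityBoundingSet); "ambient" lets the caps survive the switch to a
# non-root user and the exec of $PROG (like AmbientCapabilities).
caps_json() {
	cat <<'EOF'
{
	"bounding": ["CAP_NET_ADMIN", "CAP_NET_RAW"],
	"effective": ["CAP_NET_ADMIN", "CAP_NET_RAW"],
	"ambient": ["CAP_NET_ADMIN", "CAP_NET_RAW"],
	"permitted": ["CAP_NET_ADMIN", "CAP_NET_RAW"],
	"inheritable": ["CAP_NET_ADMIN", "CAP_NET_RAW"]
}
EOF
}

start_service() {
	procd_open_instance
	procd_set_param command "$PROG"
	procd_set_param respawn
	# Confine the service only when ujail and the capabilities file exist;
	# otherwise it starts unconfined, as it would without these lines.
	[ -x "$UJAIL" ] && [ -e "$CAPS_FILE" ] && {
		procd_add_jail mynetd
		procd_set_param capabilities "$CAPS_FILE"
		procd_set_param user mynetd       # hypothetical unprivileged user
		procd_set_param group mynetd
		procd_set_param no_new_privs 1    # block regaining privileges via setuid
	}
	procd_close_instance
}
```

Generate the file once with `caps_json > /etc/capabilities/mynetd.json`; after starting the service, the `CapEff` and `CapBnd` lines in `/proc/<pid>/status` show whether the sets were applied.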
