On Fri, Jan 25, 2013 at 7:16 PM, Reindl Harald <h.rei...@thelounge.net> wrote: > > > Am 25.01.2013 18:14, schrieb Mantas Mikulėnas: >> On Fri, Jan 25, 2013 at 6:50 PM, Reindl Harald <h.rei...@thelounge.net> >> wrote: >>> Am 25.01.2013 17:42, schrieb Daniel J Walsh: >>>> How would I write a unit file to run an apache service as the user dwalsh >>>> (3267) >>> why would someone do this with systemd? >>> httpd needs to get started as root to bind the port! >> >> Not if you give it the CAP_NET_BIND_SERVICE capability. >> Also, there are many valid uses for Apache on ports above 1024 > > and what does this change in the fact that httpd has > it's own configuration options for user and group?
That some users may want to take advantage of modern Linux features and run httpd without *ever* giving it full root privileges – which it needs for precisely two things, bind() and setuid(). -- Mantas Mikulėnas _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
