I try to configure my freeradius service with capabilities (https://lists.debian.org/debian-devel/2017/09/msg00062.html)
i can do with setting capabilities on freeradius binary. But I headr about AmbientCapabilities directive and I tried to use it. Without success - freeradius dhcp server cannot bind to port 68. below my unit file: --8<---------------cut here---------------start------------->8--- [Unit] Description=FreeRADIUS multi-protocol policy server After=network.target Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ http://networkradius.com/doc/ [Service] Type=forking #Type=simple PIDFile=/run/freeradius/freeradius.pid EnvironmentFile=-/etc/default/freeradius #ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cxm -lstdout User=freerad AmbientCapabilities=CAP_NET_ADMIN AmbientCapabilities=CAP_NET_RAW AmbientCapabilities=CAP_NET_BIND_SERVICE ExecStart=/usr/sbin/freeradius $FREERADIUS_OPTIONS #ExecStart=/usr/sbin/freeradius -f $FREERADIUS_OPTIONS Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target --8<---------------cut here---------------end--------------->8--- I tried to use one AmbientCapabilities directive with all capabilities in space separates list but also without success. What am I missing? KJ -- http://wolnelektury.pl/wesprzyj/teraz/ I must Create a System, or be enslav'd by another Man's; I will not Reason and Compare; my business is to Create. -- William Blake, "Jerusalem" _______________________________________________ systemd-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/systemd-devel
