RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

MT#55283 actually grant the capabilities 

Capabilities listed in the ambient set must also be included in the
bounding set.

Change-Id: I172bd30c9fbe488574e9cc015ba552e805c95fe6
pull/1759/head
Richard Fuchs 2 years ago
parent
d9f12ce27b
commit
7200c7af64
1 changed files with 1 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -0
      debian/ngcp-rtpengine-daemon.service

+ 1
- 0
debian/ngcp-rtpengine-daemon.service View File

@ -66,6 +66,7 @@ CapabilityBoundingSet=
# Service process does not receive ambient capabilities
# NOTE: we need caps for running as non-root user
CapabilityBoundingSet=CAP_NET_ADMIN CAP_SYS_NICE
AmbientCapabilities=CAP_NET_ADMIN CAP_SYS_NICE
# Service has no access to other software's temporary files


Write Preview
Loading…
Cancel
Save