Commit 2e5e7530 authored by Tomas Krizek's avatar Tomas Krizek

systemd: enable manual activation of kresd.service as non-root user

To be able to bind to a well known port as a non-root user, the CAP_NET_BIND_SERVICE
capability is required.
parent 1c69089f
......@@ -9,6 +9,8 @@ EnvironmentFile=-/etc/default/kresd
ExecStart=/usr/sbin/kresd $KRESD_ARGS
User=knot-resolver
Restart=on-failure
# CAP_NET_BIND_SERVICE capability is needed for manual service activation
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=sockets.target
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment