Web lists-archives.com

Re: thoughts about freeradius package (especially dhcp)




Russ Allbery <rra@xxxxxxxxxx> writes:

> kjonca@xxxxxxxxxxxxxx (Kamil Jońca) writes:
>
>> Hm. I tried to add
>
>> AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE
>
>> and takes off capabilities from file but without success (ie. service
>> does not starts)
>> Shoudl I do something else?
>
> Does it produce any useful error messages?  Maybe this doesn't work the

The only one is from radius - cannot bind to port 68

> way that I thought it did.  The active capabilities are the effective
> ones, but ambient becomes effective after execve, so I would have expected
> them to be in place for the process once systemd execs it.
I expected also  :(
KJ

-- 
http://wolnelektury.pl/wesprzyj/teraz/
There are a lot of lies going around.... and half of them are true.
		-- Winston Churchill