serv/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-01-14 01:06:27 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

add missing capability CAP_FSETID to mox.service

Browse source 
without it, process cannot create setgid directories.
This commit is contained in:
Mechiel Lukkien 2023-02-27 14:04:20 +01:00
parent f3f2c6f8ea
commit e20677cfd6
No known key found for this signature in database
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
mox.service
View file

@ -22,7 +22,7 @@ ReadWritePaths=/home/mox/config /home/mox/data
ProtectKernelTunables=yes ProtectKernelTunables=yes
ProtectControlGroups=yes ProtectControlGroups=yes
AmbientCapabilities= AmbientCapabilities=
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_CHOWN CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_CHOWN CAP_FSETID
NoNewPrivileges=yes NoNewPrivileges=yes
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
ProtectProc=invisible ProtectProc=invisible