Re: thoughts about freeradius package (especially dhcp)

To: debian-devel@lists.debian.org
Subject: Re: thoughts about freeradius package (especially dhcp)
From: Russ Allbery <rra@debian.org>
Date: Mon, 04 Sep 2017 09:42:20 -0700
Message-id: <[🔎] 873782ct5f.fsf@hope.eyrie.org>
In-reply-to: <[🔎] 87fuc310nt.fsf@alfa.kjonca> ("Kamil Jońca"'s message of "Mon, 04 Sep 2017 07:40:54 +0200")
References: <[🔎] 87k21f1sti.fsf@alfa.kjonca> <[🔎] 87lglvsebl.fsf@hope.eyrie.org> <[🔎] 87fuc310nt.fsf@alfa.kjonca>

kjonca@poczta.onet.pl (Kamil Jońca) writes:

> Hm. I tried to add

> AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE

> and takes off capabilities from file but without success (ie. service
> does not starts)
> Shoudl I do something else?

Does it produce any useful error messages?  Maybe this doesn't work the
way that I thought it did.  The active capabilities are the effective
ones, but ambient becomes effective after execve, so I would have expected
them to be in place for the process once systemd execs it.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: thoughts about freeradius package (especially dhcp)
  - From: kjonca@poczta.onet.pl (Kamil Jońca)
- Re: thoughts about freeradius package (especially dhcp)
  - From: Ben Hutchings <ben@decadent.org.uk>

References:
- thoughts about freeradius package (especially dhcp)
  - From: kjonca@poczta.onet.pl (Kamil Jońca)
- Re: thoughts about freeradius package (especially dhcp)
  - From: Russ Allbery <rra@debian.org>
- Re: thoughts about freeradius package (especially dhcp)
  - From: kjonca@poczta.onet.pl (Kamil Jońca)

Prev by Date: Re: make dpkg-buildpackage default locale UTF-8
Next by Date: Re: thoughts about freeradius package (especially dhcp)
Previous by thread: Re: thoughts about freeradius package (especially dhcp)
Next by thread: Re: thoughts about freeradius package (especially dhcp)
Index(es):
- Date
- Thread