forked from mirrors/gotosocial
[docs] Mention AmbientCapabilities=CAP_NET_BIND_SERVICE
in example systemd service (#576)
This commit is contained in:
parent
b143877995
commit
6838b32235
1 changed files with 2 additions and 0 deletions
|
@ -48,6 +48,8 @@ CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
# You might need this if you are running as non-root on a privileged port (below 1024)
|
||||||
|
#AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|
Loading…
Reference in a new issue