add cap_net_bind_service to systemd unit
this allows running on port 80 as non privileged user.
This commit is contained in:
parent
f6867e7666
commit
4450ce7f8a
|
@ -7,6 +7,8 @@ StartLimitInterval=0
|
|||
[Service]
|
||||
User=_loki
|
||||
Type=simple
|
||||
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
ExecStart=/usr/bin/session-open-group-server
|
||||
WorkingDirectory=/var/lib/session-open-group-server
|
||||
Restart=on-failure
|
||||
|
|
Loading…
Reference in New Issue