From 4450ce7f8ad84c053e4871ae73b827a22fa4f451 Mon Sep 17 00:00:00 2001
From: Jeff <jeff@i2p.rocks>
Date: Sat, 8 May 2021 15:50:22 -0400
Subject: [PATCH] add cap_net_bind_service to systemd unit

this allows running on port 80 as non privileged user.
---
 debian/session-open-group-server.service | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/debian/session-open-group-server.service b/debian/session-open-group-server.service
index df461b7..a4ea764 100644
--- a/debian/session-open-group-server.service
+++ b/debian/session-open-group-server.service
@@ -7,6 +7,8 @@ StartLimitInterval=0
 [Service]
 User=_loki
 Type=simple
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
 ExecStart=/usr/bin/session-open-group-server
 WorkingDirectory=/var/lib/session-open-group-server
 Restart=on-failure