Hi,
On 05/06/15 00:37, Oliver Charles wrote:
I believe the User option in systemd unit configuration should do this.
I think you'll also need:
systemd.services.my-unit.serviceConfig.CapabilityBoundingSet =
CAP_NET_BIND_SERVICE;
Alternatively, socket activation combined with the User
Hi,
Thanks for the replies.
On 05/06/2015 11:53, Eelco Dolstra wrote:
Hi,
On 05/06/15 00:37, Oliver Charles wrote:
I believe the User option in systemd unit configuration should do this.
I think you'll also need:
systemd.services.my-unit.serviceConfig.CapabilityBoundingSet =
I believe the User option in systemd unit configuration should do this. See
the systemd.service man page - all options can be used in NixOS
On 4 Jun 2015 10:05 pm, Ganesh Sittampalam gan...@earth.li wrote:
Hi,
I'm adding a service - darcsden - to NixOS that is designed to run as a
non-root
Hi,
I'm adding a service - darcsden - to NixOS that is designed to run as a
non-root user, but should optionally be able to bind to a privileged
port. It's not designed to start as root and then fork/drop privileges,
so I'd like to handle this at the OS level somehow.
I'm aware of various