cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

nixos/unbound: note about the AmbientCapabilities

Browse source
This commit is contained in:
Andreas Rammhold 2020-11-01 22:11:11 +01:00
parent 5e602f88d1
commit 72fbf05c17
No known key found for this signature in database
GPG key ID: E432E410B5E48C86
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/modules/services/networking/unbound.nix
View file

@ -137,6 +137,7 @@ in
NotifyAccess = "main"; NotifyAccess = "main";
Type = "notify"; Type = "notify";
# FIXME: Which of these do we actualy need, can we drop the chroot flag?
AmbientCapabilities = [ AmbientCapabilities = [
"CAP_NET_BIND_SERVICE" "CAP_NET_BIND_SERVICE"
"CAP_NET_RAW" "CAP_NET_RAW"