I'm starting a webserver as non-root using a *systemd* unit file.
I am getting
listen tcp :80: bind: permission denied even though I already ran
setcap cap_net_bind_service=+ep
on the executable.
In an example unit file on the internet I found
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
to be used in the unit file. So I tried that out, and suddenly the application can bind port 80.
What does that tell me? setcap is old/deprecated/ignored? Only by *systemd* or by Linux in general?
Asked by AndreKR
(1228 rep)
Dec 14, 2018, 10:53 PM
Last activity: Dec 14, 2018, 11:08 PM
Last activity: Dec 14, 2018, 11:08 PM