faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sys: keep cap_net_bind_service capability

Browse source 
This will be needed to allow opening of NTP server socket after root
privileges are dropped.
This commit is contained in:
Miroslav Lichvar 2015-01-06 11:17:47 +01:00
parent 6d1dda0fad
commit 40bbe2539b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sys_linux.c
View file

@ -397,7 +397,7 @@ SYS_Linux_DropRoot(char *user)
LOG_FATAL(LOGF_SysLinux, "setuid(%d) failed", pw->pw_uid);
}
if ((cap = cap_from_text("cap_sys_time=ep")) == NULL) {
if ((cap = cap_from_text("cap_net_bind_service,cap_sys_time=ep")) == NULL) {
LOG_FATAL(LOGF_SysLinux, "cap_from_text() failed");
}