diff options
author | Andreas Linz | 2016-09-29 13:55:01 +0200 |
---|---|---|
committer | Andreas Linz | 2016-09-29 14:29:52 +0200 |
commit | 04a425013b7c22595bab8a32729b980007beb1cf (patch) | |
tree | aabc57d626ee11803bafbd4939bbaf1c5233a645 /caddy-systemd-service.patch | |
parent | 243af17d763938ab743bb030862d1dd3908a2b22 (diff) | |
download | aur-04a425013b7c22595bab8a32729b980007beb1cf.tar.gz |
Patch caddy's systemd service file to reenable capabilities
This commit
https://github.com/mholt/caddy/commit/3f83eccfbd7f553c593d8e89d173699fb4cd2b61 removed the capabilities which are required for caddy in Arch linux.
Patch caddy's systemd service file to reenable capabilities
This commit
https://github.com/mholt/caddy/commit/3f83eccfbd7f553c593d8e89d173699fb4cd2b61 removed the capabilities which are required for caddy in Arch linux.
Diffstat (limited to 'caddy-systemd-service.patch')
-rw-r--r-- | caddy-systemd-service.patch | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/caddy-systemd-service.patch b/caddy-systemd-service.patch new file mode 100644 index 000000000000..779703c9247d --- /dev/null +++ b/caddy-systemd-service.patch @@ -0,0 +1,15 @@ +--- init/linux-systemd/caddy.service 2016-09-28 21:07:57.000000000 +0200 ++++ init/linux-systemd/caddy.service.patched 2016-09-29 13:51:35.533691718 +0200 +@@ -38,9 +38,9 @@ + ; The following additional security directives only work with systemd v229 or later. + ; They further retrict privileges that can be gained by caddy. Uncomment if you like. + ; Note that you may have to add capabilities required by any plugins in use. +-;CapabilityBoundingSet=CAP_NET_BIND_SERVICE +-;AmbientCapabilities=CAP_NET_BIND_SERVICE +-;NoNewPrivileges=true ++CapabilityBoundingSet=CAP_NET_BIND_SERVICE ++AmbientCapabilities=CAP_NET_BIND_SERVICE ++NoNewPrivileges=true + + [Install] + WantedBy=multi-user.target |