diff options
Diffstat (limited to 'caddy-systemd-service.patch')
-rw-r--r-- | caddy-systemd-service.patch | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/caddy-systemd-service.patch b/caddy-systemd-service.patch index 779703c9247d..3f85f13f9988 100644 --- a/caddy-systemd-service.patch +++ b/caddy-systemd-service.patch @@ -1,15 +1,14 @@ ---- init/linux-systemd/caddy.service 2016-09-28 21:07:57.000000000 +0200 -+++ init/linux-systemd/caddy.service.patched 2016-09-29 13:51:35.533691718 +0200 -@@ -38,9 +38,9 @@ - ; The following additional security directives only work with systemd v229 or later. - ; They further retrict privileges that can be gained by caddy. Uncomment if you like. - ; Note that you may have to add capabilities required by any plugins in use. --;CapabilityBoundingSet=CAP_NET_BIND_SERVICE --;AmbientCapabilities=CAP_NET_BIND_SERVICE --;NoNewPrivileges=true -+CapabilityBoundingSet=CAP_NET_BIND_SERVICE -+AmbientCapabilities=CAP_NET_BIND_SERVICE -+NoNewPrivileges=true - - [Install] - WantedBy=multi-user.target +11,12c11,12 +< User=www-data +< Group=www-data +--- +> User=http +> Group=http +41,43c41,43 +< ;CapabilityBoundingSet=CAP_NET_BIND_SERVICE +< ;AmbientCapabilities=CAP_NET_BIND_SERVICE +< ;NoNewPrivileges=true +--- +> CapabilityBoundingSet=CAP_NET_BIND_SERVICE +> AmbientCapabilities=CAP_NET_BIND_SERVICE +> NoNewPrivileges=true |