From bccc18b82531f9271752e5ca1b104a43b8d04de4 Mon Sep 17 00:00:00 2001 From: Hideki Saito Date: Mon, 22 Jun 2015 11:39:12 -0700 Subject: [PATCH] Granting CAP_SETUID as it seems to be needed --- systemd/softether-vpnbridge.service | 2 +- systemd/softether-vpnclient.service | 2 +- systemd/softether-vpnserver.service | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/systemd/softether-vpnbridge.service b/systemd/softether-vpnbridge.service index f1d6b894..2f508820 100644 --- a/systemd/softether-vpnbridge.service +++ b/systemd/softether-vpnbridge.service @@ -16,7 +16,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnbridge -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID [Install] WantedBy=multi-user.target diff --git a/systemd/softether-vpnclient.service b/systemd/softether-vpnclient.service index b31267f5..1e9dbd0e 100644 --- a/systemd/softether-vpnclient.service +++ b/systemd/softether-vpnclient.service @@ -17,7 +17,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnclient -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID [Install] WantedBy=multi-user.target diff --git a/systemd/softether-vpnserver.service b/systemd/softether-vpnserver.service index 34b1c828..951b13db 100644 --- a/systemd/softether-vpnserver.service +++ b/systemd/softether-vpnserver.service @@ -17,7 +17,7 @@ ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/opt/vpnserver -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID [Install] WantedBy=multi-user.target