upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-03 04:09:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- For #1350, same CAP_NET_ADMIN change for unbound_portable.service.in

Browse source 
as well.
This commit is contained in:
Yorgos Thessalonikefs 2025-09-23 17:42:41 +02:00
parent 0b8ed987de
commit 421d317a64
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
contrib/unbound_portable.service.in
View file

@ -26,7 +26,7 @@ ExecReload=+/bin/kill -HUP $MAINPID
ExecStart=@UNBOUND_SBIN_DIR@/unbound -d -p
NotifyAccess=main
Type=notify
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_ADMIN
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true

2
doc/Changelog
View file

@ -3,6 +3,8 @@
pythonmod_init.
- For #1352, align with the current Python<3 code.
- Merge #1350 from Maryse47: unbound.service.in: allow CAP_NET_ADMIN.
- For #1350, same CAP_NET_ADMIN change for unbound_portable.service.in
as well.
19 September 2025: Wouter
- Fix to remove configure~ from release tarballs.