From: Ruben Kerkhof <ruben@rubenkerkhof.com>
Date: Thu, 19 Feb 2015 19:45:27 +0000 (+0100)
Subject: recursor needs capability to switch user and group
X-Git-Tag: dnsdist-1.0.0-alpha1~248^2~127^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F2256%2Fhead;p=thirdparty%2Fpdns.git

recursor needs capability to switch user and group
---

diff --git a/contrib/systemd-pdns-recursor.service b/contrib/systemd-pdns-recursor.service
index 83980c1591..903cd2c7d3 100644
--- a/contrib/systemd-pdns-recursor.service
+++ b/contrib/systemd-pdns-recursor.service
@@ -10,7 +10,7 @@ Type=forking
 ExecStart=/usr/sbin/pdns_recursor --daemon
 PrivateTmp=true
 PrivateDevices=true
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID
 NoNewPrivileges=true
 ProtectSystem=full
 ProtectHome=true