bug#64862: [feature request] [shepherd] Specifying POSIX capabilities on

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#64862: [feature request] [shepherd] Specifying POSIX capabilities on

From:	Maxim Cournoyer
Subject:	bug#64862: [feature request] [shepherd] Specifying POSIX capabilities on services
Date:	Tue, 25 Jul 2023 17:04:26 -0400

Hello,

It'd be useful to be able to specify POSIX capabilities a Shepherd
service should have, for example for an unprivileged process to be able
to bind to ports lower than 1024.

This came up while reviewing #63082, which patch 10/16 (now dropped
because of loss of functionality) suggested to let the user/group change
be effected by Shepherd instead of by MPD itself (see:
https://issues.guix.gnu.org/63082#98).

I know that NixOS has some mechanism to do that; I think it was a simple
shell script wrapper setting the capabilities, but that's all I
remember.

-- 
Thanks,
Maxim

[Prev in Thread]

Current Thread

[Next in Thread]

bug#64862: [feature request] [shepherd] Specifying POSIX capabilities on services, Maxim Cournoyer <=

Prev by Date: bug#63082: mpd defaul configuration does not work ('No database' error)
Next by Date: bug#64858: ~guix shell -C -f guix.scm …~ should not always need ~--rebuild-cache~ option to build the expected environment.
Previous by thread: bug#63082: mpd defaul configuration does not work ('No database' error)
Next by thread: bug#64858: ~guix shell -C -f guix.scm …~ should not always need ~--rebuild-cache~ option to build the expected environment.
Index(es):
- Date
- Thread