Skip to content

allow awgtpman to run as unprivileged user

The awgtpman process is run as root only because it wants to bind to a privileged port. This is not necessary as capabilities exist to allow running it as a unprivileged user:

  • remove an unnecessary check in the awgtpman binary on the superuser status of the user

  • set CAP_NET_BIND_SERVICE in the systemd service to allow it to bind to privileged port

This should allow the service to run as a non-privileged user, which we set here to be advligorts.

closes #93 (closed)

Edited by Jameson Rollins

Merge request reports

Loading