탐색 도움말
로그인
Apq
/
sing-box
의 미러 https://github.com/SagerNet/sing-box.git
1
0
포크 0
파일 이슈 0 위키
소스 검색

release: Fix systemd permissions

Gavin Luo 11 달 전
부모
93b68312cf
커밋
7eb3535094
3개의 변경된 파일6개의 추가작업 그리고 6개의 파일을 삭제
분할 보기 변경상태 보기
  1. 2 2
      release/config/sing-box.service
  2. 2 2
      release/config/[email protected]
  3. 2 2
      release/local/sing-box.service

+ 2 - 2
release/config/sing-box.service
파일 보기 

@@ -4,8 +4,8 @@ Documentation=https://sing-box.sagernet.org
 
 After=network.target nss-lookup.target network-online.target
 
 
 [Service]
 
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
-AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
 ExecStart=/usr/bin/sing-box -D /var/lib/sing-box -C /etc/sing-box run
 
 ExecReload=/bin/kill -HUP $MAINPID
 
 Restart=on-failure

+ 2 - 2
release/config/[email protected]
파일 보기 

@@ -4,8 +4,8 @@ Documentation=https://sing-box.sagernet.org
 
 After=network.target nss-lookup.target network-online.target
 
 
 [Service]
 
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
-AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
 ExecStart=/usr/bin/sing-box -D /var/lib/sing-box-%i -c /etc/sing-box/%i.json run
 
 ExecReload=/bin/kill -HUP $MAINPID
 
 Restart=on-failure

+ 2 - 2
release/local/sing-box.service
파일 보기 

@@ -4,8 +4,8 @@ Documentation=https://sing-box.sagernet.org
 
 After=network.target nss-lookup.target network-online.target
 
 
 [Service]
 
-CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
-AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
 
 ExecStart=/usr/local/bin/sing-box -D /var/lib/sing-box -C /usr/local/etc/sing-box run
 
 ExecReload=/bin/kill -HUP $MAINPID
 
 Restart=on-failure