openvpn

mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-19 19:42:30 +02:00

History

Timo Rothenpieler 2e359a0882 Linux: Retain CAP_NET_ADMIN when dropping privileges On Linux, when dropping privileges, interaction with the network configuration, such as tearing down routes or ovpn-dco interfaces will fail when --user/--group are used. This patch sets the CAP_NET_ADMIN capability, which grants the needed privileges during the lifetime of the OpenVPN process when dropping root privileges. Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org> Reviewed-By: David Sommerseth <davids@openvpn.net> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Message-Id: <20220514103717.235-1-timo@rothenpieler.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24360.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2022-08-11 11:59:08 +02:00
..
systemd	Linux: Retain CAP_NET_ADMIN when dropping privileges	2022-08-11 11:59:08 +02:00
Makefile.am	update copyright year to 2022	2022-01-26 13:38:41 +01:00

Timo Rothenpieler 2e359a0882 Linux: Retain CAP_NET_ADMIN when dropping privileges

On Linux, when dropping privileges, interaction with
the network configuration, such as tearing down routes
or ovpn-dco interfaces will fail when --user/--group are
used.

This patch sets the CAP_NET_ADMIN capability, which grants
the needed privileges during the lifetime of the OpenVPN
process when dropping root privileges.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Reviewed-By: David Sommerseth <davids@openvpn.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20220514103717.235-1-timo@rothenpieler.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24360.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

2022-08-11 11:59:08 +02:00

systemd

Linux: Retain CAP_NET_ADMIN when dropping privileges

2022-08-11 11:59:08 +02:00

Makefile.am

2022-01-26 13:38:41 +01:00