You are not logged in.
My problem originally manifested with Caddy web server, but it is not limited to it. Thus I have a simple unit to troubleshoot with a random binary (capsh):
[Service]
ExecStart=/sbin/capsh --print
AmbientCapabilities=CAP_NET_BIND_SERVICE
User=nobodyI have run strace -f -p 1 which traces PID 1 and its children, so I could see the raw error after starting the unit:
prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, CAP_NET_BIND_SERVICE, 0, 0) = -1 EINVAL (Invalid argument)Because of this, I have to resort to sudo setcap cap_net_bind_service=+ep for the Caddy binary and commenting out the capabilities settings in the unit. I am staying with systemd 231, because newer versions error out even though I have setcapped the binary.
What further debugging options do I have?
Last edited by buovjaga (2017-04-01 15:42:44)
Offline