diff options
| author | Vincent Bernat <vincent@bernat.ch> | 2019-12-18 23:07:07 +0100 |
|---|---|---|
| committer | FUJITA Tomonori <fujita.tomonori@gmail.com> | 2020-01-05 21:48:16 +0900 |
| commit | 377213886c32d869e52bad434dda764bc69f6a53 (patch) | |
| tree | f7af149017fdedbce6c6d02d586698bc9aa45119 /tools | |
| parent | 543f50ded98b7c6da29bdd70246d1c8e17ab93cd (diff) | |
contrib: simplify instructions for systemd
Using setcap is not used when systemd file contains
AmbientCapabilities=CAP_NET_BIND_SERVICE.
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/contrib/centos/README.md | 9 | ||||
| -rw-r--r-- | tools/contrib/centos/gobgpd.service | 2 |
2 files changed, 1 insertions, 10 deletions
diff --git a/tools/contrib/centos/README.md b/tools/contrib/centos/README.md index a8416b45..68089483 100644 --- a/tools/contrib/centos/README.md +++ b/tools/contrib/centos/README.md @@ -12,14 +12,6 @@ mv gobgp /usr/bin/ mv gobgpd /usr/bin/ ``` -Grant the capability to bind to system or well-known ports, i.e. ports with -numbers `0–1023`, to `gobgpd` binary: - -```bash -/sbin/setcap cap_net_bind_service=+ep /usr/bin/gobgpd -/sbin/getcap /usr/bin/gobgpd -``` - First, create a system account for `gobgp` service: ```bash @@ -50,7 +42,6 @@ cat << EOF > /etc/gobgpd/gobgpd.conf neighbor-address = "$BGP_PEER" peer-as = $BGP_AS EOF -chown -R gobgpd:gobgpd /etc/gobgpd/gobgpd.conf ``` Next, copy the `systemd` unit file, i.e. `gobgpd.service`, in this directory diff --git a/tools/contrib/centos/gobgpd.service b/tools/contrib/centos/gobgpd.service index ecd72149..7572c0d5 100644 --- a/tools/contrib/centos/gobgpd.service +++ b/tools/contrib/centos/gobgpd.service @@ -12,7 +12,7 @@ StandardOutput=journal StandardError=journal User=gobgpd Group=gobgpd -AmbientCapabilities = CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target |