Skip to content
Snippets Groups Projects
Verified Commit 91b546f0 authored by micah's avatar micah :speech_balloon:
Browse files

Add NET_RAW as inheritable on openvpn.

parent 52dcadff
No related branches found
No related tags found
No related merge requests found
Pipeline #44731 passed
Stage: build
Show whitespace changes
Inline Side-by-side
Showing
with 2 additions and 2 deletions
Dockerfile
+ 2
2
View file @ 91b546f0
...@@ -26,6 +26,6 @@ COPY cznic-obs.gpg /etc/apt/trusted.gpg.d ...@@ -26,6 +26,6 @@ COPY cznic-obs.gpg /etc/apt/trusted.gpg.d
RUN apt-get -q update && env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ RUN apt-get -q update && env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
openvpn libcap2-bin netcat-openbsd iptables knot-resolver knot-resolver-module-http \ openvpn libcap2-bin netcat-openbsd iptables knot-resolver knot-resolver-module-http \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN setcap cap_net_admin,cap_net_bind_service+eip /usr/sbin/openvpn RUN setcap cap_net_admin,cap_net_bind_service,cap_net_raw+eip /usr/sbin/openvpn
RUN setcap cap_net_admin+eip /bin/ip RUN setcap cap_net_admin+ep /bin/ip
RUN setcap cap_net_bind_service+ep /usr/sbin/kresd RUN setcap cap_net_bind_service+ep /usr/sbin/kresd
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment