606644 – net-dns/knot: systemd service with enhanced security

Bug 606644 - net-dns/knot: systemd service with enhanced security

Summary: net-dns/knot: systemd service with enhanced security

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Pierre-Olivier Mercier

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-01-20 21:40 UTC by hexum
Modified:	2017-08-23 13:28 UTC (History)
CC List:	4 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
knot.service (knot.service,376 bytes, text/plain) 2017-01-20 21:40 UTC, hexum	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description hexum 2017-01-20 21:40:48 UTC

Created attachment 460774 [details]
knot.service

Force user and group in systemd service. Do not wait for privileges drop.

Comment 1 Pierre-Olivier Mercier 2017-03-30 09:33:06 UTC

The systemd feature AmbientCapabilities is only available since 229 release.

As the current stable systemd for Gentoo is 226, I think we have to wait before integrate your service file.

Comment 2 Pierre-Olivier Mercier 2017-08-23 13:28:30 UTC

As current stable systemd is >=233 for all arch, your service file has been added to the tree, as of net-dns/knot-2.5.3-r1.

See: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=91cdae70f2fa6322ff9b38336b24312bdd3c3810