diff options
| author | Philippe Guibert <philippe.guibert@6wind.com> | 2019-03-26 08:56:15 +0100 |
|---|---|---|
| committer | Philippe Guibert <philippe.guibert@6wind.com> | 2019-05-07 15:49:39 +0200 |
| commit | 4e6b48d3dbd067f633a5d3f8c5d5ef4cb58a03a0 (patch) | |
| tree | 59843e3e456a693dd8ceab2c6f22bc7a667c95f5 | |
| parent | bfdd: socket creation in a vrf can be done (diff) | |
| download | frr-4e6b48d3dbd067f633a5d3f8c5d5ef4cb58a03a0.tar.xz frr-4e6b48d3dbd067f633a5d3f8c5d5ef4cb58a03a0.zip | |
bfdd: add sys_admin capability and net_raw capability
in order to be able to create sockets on separate namespaces, add the
privs setting needed.
the former capability is needed to use SO_BINDTODEVICE option.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Diffstat (limited to '')
| -rw-r--r-- | bfdd/bfdd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bfdd/bfdd.c b/bfdd/bfdd.c index 6023b5e4f..a7643c134 100644 --- a/bfdd/bfdd.c +++ b/bfdd/bfdd.c @@ -39,7 +39,7 @@ DEFINE_MTYPE(BFDD, BFDD_NOTIFICATION, "short-lived control notification data"); struct thread_master *master; /* BFDd privileges */ -static zebra_capabilities_t _caps_p[] = {ZCAP_BIND}; +static zebra_capabilities_t _caps_p[] = {ZCAP_BIND, ZCAP_SYS_ADMIN, ZCAP_NET_RAW}; struct zebra_privs_t bfdd_privs = { #if defined(FRR_USER) && defined(FRR_GROUP) |