[Dnsmasq-discuss] Starting as non-root
Roy Marples
roy at marples.name
Mon May 13 10:02:08 BST 2019
On 13/05/2019 09:31, Kristoffel Pirard wrote:
> The dnsmasq man page for the --user parameter says that "Dnsmasq must
> _normally_ be started as root". We tested starting as non-root user,
> but with capabilities cap_net_bind_service, cap_net_admin, cap_net_raw.
> It currently seems to work, but I'm debating if we should actually use
> this 'hack'.
>
> So should the ambiguous adverb 'normally' be removed from the
> documentation? If not, what are the circumstances in which it is
> allowed to not start as root?
The whole world is not Linux. Most other OS's don't have these caps.
Roy
More information about the Dnsmasq-discuss
mailing list