[Dnsmasq-discuss] Starting as non-root
Kristoffel Pirard
kristoffel.pirard at gmail.com
Mon May 13 11:51:09 BST 2019
So I should interpret it as 'unless you have a really good reason and you
know what you're doing'? (Which I answer 'no' to twice)
On Mon, 13 May 2019, 12:36 Geert Stappers, <stappers at hendrikx-itc.nl> wrote:
>
> On 13-05-2019 11:02, Roy Marples wrote:
> > On 13/05/2019 09:31, Kristoffel Pirard wrote:
> >> The dnsmasq man page for the --user parameter says that "Dnsmasq must
> >> _normally_ be started as root". We tested starting as non-root user,
> >> but with capabilities cap_net_bind_service, cap_net_admin,
> >> cap_net_raw. It currently seems to work, but I'm debating if we
> >> should actually use this 'hack'.
> >>
> >> So should the ambiguous adverb 'normally' be removed from the
> >> documentation? If not, what are the circumstances in which it is
> >> allowed to not start as root?
> >
> > The whole world is not Linux. Most other OS's don't have these caps.
> >
> >
> In other words: The _normally_ in 'Dnsmasq must normally be started
> as root' is correct.
>
>
> Cheers
>
> Geert Stappers
>
>
>
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20190513/b6ebf7d5/attachment-0001.html>
More information about the Dnsmasq-discuss
mailing list