mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-11-06 12:09:23 +01:00
ed283d7b14
This fixes an issue where the udp port was not being opened due to a permission denied error. The result of this was the dhcp client would fail to send the renewal request and so the dhcp lease would expire. The addition of the CAP_NET_BIND_SERVICE capability allows the service to open sockets in the restricted port range (<1024) which is required for dhcp.
29 lines
574 B
SYSTEMD
29 lines
574 B
SYSTEMD
[Unit]
|
|
Description=Wireless service
|
|
After=network-pre.target
|
|
Before=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=dbus
|
|
BusName=net.connman.iwd
|
|
ExecStart=@libexecdir@/iwd
|
|
NotifyAccess=main
|
|
LimitNPROC=1
|
|
Restart=on-failure
|
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE
|
|
PrivateTmp=true
|
|
NoNewPrivileges=true
|
|
DevicePolicy=closed
|
|
DeviceAllow=/dev/rfkill rw
|
|
ProtectHome=yes
|
|
ProtectSystem=strict
|
|
ProtectControlGroups=yes
|
|
ProtectKernelModules=yes
|
|
ConfigurationDirectory=iwd
|
|
StateDirectory=iwd
|
|
StateDirectoryMode=0700
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|