[S] Change in osmo-upf[master]: contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN - gerrit-log

30 Apr 2024

osmith has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-upf/+/36670?usp=email )
Change subject: contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN
......................................................................
contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN
Set CAP_NET_ADMIN so osmo-upf can set up GTP tunends and tunmaps even if
running as user.
Fix for:
  Operation not permitted (you must be root)
  netlink: Error: cache initialization failed: Operation not permitted
  20240430095022378 DNFT ERROR error running nft ruleset: rc=-1 ruleset="add table inet osmo-upf { flags owner; };\n" (upf_nft.c:79)
  20240430095022378 DNFT ERROR Failed to create nft table "osmo-upf" (upf_nft.c:111)
Fixes: OS#6444
Change-Id: I17b21ad92837ad360d667248f3f002d44251891c
---
M contrib/systemd/osmo-upf.service
1 file changed, 21 insertions(+), 0 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/70/36670/1

diff --git a/contrib/systemd/osmo-upf.service b/contrib/systemd/osmo-upf.service
index 93dd84f..7e658d5 100644
--- a/contrib/systemd/osmo-upf.service
+++ b/contrib/systemd/osmo-upf.service
@@ -12,6 +12,8 @@
 Group=osmocom
 ExecStart=/usr/bin/osmo-upf -c /etc/osmocom/osmo-upf.cfg
 RestartSec=2
+AmbientCapabilities=CAP_NET_ADMIN
+
[Install]
 WantedBy=multi-user.target
-- 
To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/36670?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-upf
Gerrit-Branch: master
Gerrit-Change-Id: I17b21ad92837ad360d667248f3f002d44251891c
Gerrit-Change-Number: 36670
Gerrit-PatchSet: 1
Gerrit-Owner: osmith osmith@sysmocom.de
Gerrit-MessageType: newchange



    