[sr-dev] git:5.3:2a3b8d43: pkg: add CAP_CHOWN capability to Kamailio systemd service files to allow chown (#2391)

Henning Westerholt hw at skalatan.de
Fri Oct 30 12:27:55 CET 2020 

Module: kamailio
Branch: 5.3
Commit: 2a3b8d43923fc49fa9095e20c6e3cfb6cf5516e1
URL: https://github.com/kamailio/kamailio/commit/2a3b8d43923fc49fa9095e20c6e3cfb6cf5516e1

Author: Henning Westerholt <hw at skalatan.de>
Committer: Henning Westerholt <hw at skalatan.de>
Date: 2020-10-30T11:27:25Z

pkg: add CAP_CHOWN capability to Kamailio systemd service files to allow chown (#2391)

- add CAP_CHOWN capability to Kamailio systemd service files to allow chown
- needed e.g. for user and group setting from jsonrpcs and ctl modules
- related to github issue #2391

(cherry picked from commit 8b72f462deb4b66fb55f754abc93bf7295278afa)

---

Modified: pkg/kamailio/deb/bionic/kamailio.service
Modified: pkg/kamailio/deb/buster/kamailio.service
Modified: pkg/kamailio/deb/debian/kamailio.service
Modified: pkg/kamailio/deb/jessie/kamailio.service
Modified: pkg/kamailio/deb/sid/kamailio.service
Modified: pkg/kamailio/deb/stretch/kamailio.service
Modified: pkg/kamailio/deb/xenial/kamailio.service
Modified: pkg/kamailio/obs/kamailio.service

---

Diff:  https://github.com/kamailio/kamailio/commit/2a3b8d43923fc49fa9095e20c6e3cfb6cf5516e1.diff
Patch: https://github.com/kamailio/kamailio/commit/2a3b8d43923fc49fa9095e20c6e3cfb6cf5516e1.patch

---

diff --git a/pkg/kamailio/deb/bionic/kamailio.service b/pkg/kamailio/deb/bionic/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/bionic/kamailio.service
+++ b/pkg/kamailio/deb/bionic/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/buster/kamailio.service b/pkg/kamailio/deb/buster/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/buster/kamailio.service
+++ b/pkg/kamailio/deb/buster/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/debian/kamailio.service b/pkg/kamailio/deb/debian/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/debian/kamailio.service
+++ b/pkg/kamailio/deb/debian/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/jessie/kamailio.service b/pkg/kamailio/deb/jessie/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/jessie/kamailio.service
+++ b/pkg/kamailio/deb/jessie/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/sid/kamailio.service b/pkg/kamailio/deb/sid/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/sid/kamailio.service
+++ b/pkg/kamailio/deb/sid/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/stretch/kamailio.service b/pkg/kamailio/deb/stretch/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/stretch/kamailio.service
+++ b/pkg/kamailio/deb/stretch/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/deb/xenial/kamailio.service b/pkg/kamailio/deb/xenial/kamailio.service
index a411114db9..91f804dbb9 100644
--- a/pkg/kamailio/deb/xenial/kamailio.service
+++ b/pkg/kamailio/deb/xenial/kamailio.service
@@ -20,6 +20,8 @@ Restart=on-failure
 # /run/kamailio in tmpfs
 RuntimeDirectory=kamailio
 RuntimeDirectoryMode=0770
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target
diff --git a/pkg/kamailio/obs/kamailio.service b/pkg/kamailio/obs/kamailio.service
index c14d6cb2f2..56d8339939 100644
--- a/pkg/kamailio/obs/kamailio.service
+++ b/pkg/kamailio/obs/kamailio.service
@@ -13,6 +13,8 @@ Environment='PKG_MEMORY=4'
 EnvironmentFile=-/etc/sysconfig/kamailio
 ExecStart=/usr/sbin/kamailio -DD -P /var/run/kamailio/kamailio.pid -f $CFGFILE -m $SHM_MEMORY -M $PKG_MEMORY
 Restart=on-failure
+# necessary for chown of control files e.g. for jsonrpcs and ctl modules
+AmbientCapabilities=CAP_CHOWN
 
 [Install]
 WantedBy=multi-user.target

More information about the sr-dev mailing list