-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 >> CapabilityBoundingSet: >> >> Since you add CAP_FOWNER (compared to upstream): What use cases >> require it? > > CAP_FOWNER is required by "ControlSocket /var/run/tor/control". > Tor chowns the control socket on startup (and fails to start if > this does not succeed).
I was able to use ControlSocket without CAP_FOWNER. Adding CAP_DAC_OVERRIDE and CAP_CHOWN was enough in my case. See also: https://lists.torproject.org/pipermail/tor-dev/2015-April/008638.html What tor version did you test with? thanks, nusenu -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVRyECAAoJEFv7XvVCELh0h2UP/jMTEknl49OOgKKobZ0eqaZ/ 0ZJzwrrbY7GHjehl2Tf9V2EvekIkZMEvg1J1I293Kxlq4rYLCA1IBOCA/LxL0auD nugF5U6xYRQdLKjBlb3/DdSFF/ms87aqt4iBd/mxSlX5oOwW6RwuRSeh4GW0r3/k 13zQKYhzoFjb+H2l614yoeaaoMxrL7m3+qVzquKsSAa/ew4mvGi7y3sWzzUwQvJx GrzQgqOK4+mbNA+uanLLhC5QSRuwtYfSlgcsRRA+vSqdukJbFYifZs3HjLtEjA6Z VRe1aurJ2d6XDiBSkPbNc8okCgsXTsi3PxKLDrD75rzlU/hD+UU9mrJacoLU4y4b utcCr15z8ovCOZXNbR9nf7mrtwE6H5ZH7iRPwwIpuV7XRYKgylu0biJRmAcZBthr 6vPpgOENoPIQxVXmGWmpB0Fd8xp1AexT6DxEIrrQmlG2DhCq1i88HHIpTtrwFzY0 Kkr1zR5cEIxIjrZgGECBOtNsLzLY4YHgwgRYZjP2AwccKwTM88jGeQLKtuRYrCeX C+90alTLQVl14mY6wu+c9iTxejG06Db2dXKZ6KX+zGW5ippibFcy/WTRNTpmyIWf oYuySYJwEEE0JgnSuhuRgvxRs/zr8LJtrEC+bjpqIeRYIcwAPtvhpg9UI0gY5n4u QwZVefbznZNYbOzN7AuQ =Jo+x -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
