I have also tried:
InheritableCapabilities=CAP_NET_BIND_SERVICE CAP_NET_ADMIN CAP_SETGID
CAP_SETUID CAP_SYS_RESOURCE
and various other options without avail.
-- Forwarded message --
From: Mathew Heard
Date: Wed, Oct 12, 2016 at 9:01 PM
Subject: CAP_NET_ADMIN
To: nginx
Hi All,
I am stuck trying to get my nginx service which is launched via
SystemD to give CAP_NET_ADMIN to its workers (required for
IP_TRANSPARENT).
I have tried /etc/security/capability.conf & setcap. SystemD has the
permission whitelisted:
CapabilityBoundingSet=CAP_NET_BIND_SER
