Remove root check at startup#40
Conversation
Background: A process, especially a long-running process that has contact with the outside world, should not have to start with privileged access. With the help of the capabilities system, it is possible to assign individual required permissions to the process and thus also dispense with root privileges (example `CapabilityBoundingSet/AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW` in systemd). Signed-off-by: Marek Küthe <m.k@mk16.de>
As far as I understand the source code, the root check does not request any rights or similar, but simply terminates the program if it is not executed as root. Therefore, any option to execute the program without privileges is removed. Alternatively, to cover both user-friendliness and my use case, I could keep the root check but only issue a warning (no error that terminates the program). What do you think is better? |
Background: A process, especially a long-running process that has contact with the outside world, should not have to start with privileged access. With the help of the capabilities system, it is possible to assign individual required permissions to the process and thus also dispense with root privileges (example
CapabilityBoundingSet/AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAWin systemd).Closes #39, #42