diff options
| author | Ilya Mashchenko <ilya@netdata.cloud> | 2022-10-31 16:39:20 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-31 16:39:20 +0200 |
| commit | df87a538cfaba5014a752937714756b7c5d30c93 (patch) | |
| tree | a429f3dd79effc30f2b8b6215540cf71d2967491 | |
| parent | df2550b0f5db62ea1c89a9b473a6c8a145452831 (diff) | |
feat(packaging): add CAP_NET_RAW to go.d.plugin (#13909)
| -rw-r--r-- | contrib/debian/netdata.postinst | 2 | ||||
| -rwxr-xr-x | netdata-installer.sh | 2 | ||||
| -rw-r--r-- | netdata.spec.in | 2 | ||||
| -rwxr-xr-x | packaging/makeself/install-or-update.sh | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/contrib/debian/netdata.postinst b/contrib/debian/netdata.postinst index cf6a760604..daea8cb402 100644 --- a/contrib/debian/netdata.postinst +++ b/contrib/debian/netdata.postinst @@ -64,7 +64,7 @@ case "$1" in fi if [ -f "/usr/libexec/netdata/plugins.d/go.d.plugin" ]; then - setcap cap_net_admin+epi /usr/libexec/netdata/plugins.d/go.d.plugin + setcap "cap_net_admin+epi cap_net_raw=eip" /usr/libexec/netdata/plugins.d/go.d.plugin fi chmod 4750 /usr/libexec/netdata/plugins.d/cgroup-network diff --git a/netdata-installer.sh b/netdata-installer.sh index a466447238..94745a2951 100755 --- a/netdata-installer.sh +++ b/netdata-installer.sh @@ -1441,7 +1441,7 @@ install_go() { fi run chmod 0750 "${NETDATA_PREFIX}/usr/libexec/netdata/plugins.d/go.d.plugin" if command -v setcap 1>/dev/null 2>&1; then - run setcap cap_net_admin+epi "${NETDATA_PREFIX}/usr/libexec/netdata/plugins.d/go.d.plugin" + run setcap "cap_net_admin+epi cap_net_raw=eip" "${NETDATA_PREFIX}/usr/libexec/netdata/plugins.d/go.d.plugin" fi rm -rf "${tmp}" diff --git a/netdata.spec.in b/netdata.spec.in index a75e48ddaa..cbbe6ab736 100644 --- a/netdata.spec.in +++ b/netdata.spec.in @@ -516,7 +516,7 @@ rm -rf "${RPM_BUILD_ROOT}" %attr(4750,root,netdata) %{_libexecdir}/%{name}/plugins.d/freeipmi.plugin # go.d.plugin (the capability required for wireguard module) -%caps(cap_net_admin=epi) %{_libexecdir}/%{name}/plugins.d/go.d.plugin +%caps(cap_net_admin,cap_net_raw=eip) %{_libexecdir}/%{name}/plugins.d/go.d.plugin # Enforce 0644 for files and 0755 for directories # for the netdata web directory diff --git a/packaging/makeself/install-or-update.sh b/packaging/makeself/install-or-update.sh index aef67a156d..be2b2f75f8 100755 --- a/packaging/makeself/install-or-update.sh +++ b/packaging/makeself/install-or-update.sh @@ -215,7 +215,7 @@ for x in apps.plugin freeipmi.plugin ioping cgroup-network ebpf.plugin perf.plug done if [ -f "usr/libexec/netdata/plugins.d/go.d.plugin" ] && command -v setcap 1>/dev/null 2>&1; then - run setcap cap_net_admin+epi "usr/libexec/netdata/plugins.d/go.d.plugin" + run setcap "cap_net_admin+epi cap_net_raw=eip" "usr/libexec/netdata/plugins.d/go.d.plugin" fi # fix the fping binary |