[Pdns-users] why CAP_CHOWN?

Remi Gacogne remi.gacogne at powerdns.com
Mon May 18 07:58:15 UTC 2020


Hi Michael,

On 5/16/20 10:43 PM, Michael Ströder via Pdns-users wrote:
> On 5/16/20 10:25 PM, bert hubert wrote:
>> On Sat, May 16, 2020 at 08:42:21PM +0200, Michael Ströder via Pdns-users wrote:
>>> But I wonder why CAP_CHOWN is set in CapabilityBoundingSet= and
>>> AmbientCapabilities= and I could not find a reason in the git history of
>>> that file.
>>
>> We chown the UNIX domain control socket to the 'setgid' and 'setuid'
>> setting.
>>
>> This is likely why we need CAP_CHOWN.
> 
> It seems to create the control socket just fine because the User= and
> Group= are set:
> 
> srwxr-xr-x 1 pdns pdns 0 May 16 22:39
> /run/pdns-recursor/pdns_recursor.controlsocket=
> 
> Anything more I could test to ensure that it's safe to remove CAP_CHOWN?

As far as I can tell the only call to chown() in the recursor is to
update the ownership of the Unix domain control socket to the value
defined by the "socket-owner" and "socket-group" settings. Therefore I
don't think we need CAP_CHOWN if these are not set (which is the default).

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
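
The check described in the reply above, as an added shell example that is not part of the original message and is not PowerDNS code: it reads a recursor configuration and reports whether "socket-owner" or "socket-group" is set, which is the only case in which CAP_CHOWN is said to be needed. The function names, the plain key=value parsing and the sample configuration and capability list are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not PowerDNS code. Function names are hypothetical.
# Assumption: plain "key=value" lines with "#" comments; "+=" and
# include-dir are not handled.

# Print the last value assigned to setting $2 in config file $1.
conf_value() {
    sed 's/#.*$//' "$1" | awk -v key="$2" '
        index($0, "=") {
            k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k)
            if (k == key) {
                v = $0; sub(/^[^=]*=/, "", v)
                gsub(/^[ \t]+|[ \t]+$/, "", v); val = v
            }
        }
        END { print val }'
}

# Succeed (0) when socket-owner or socket-group is set, i.e. when the
# recursor would chown() the control socket and CAP_CHOWN is still needed.
needs_cap_chown() {
    [ -n "$(conf_value "$1" socket-owner)" ] ||
        [ -n "$(conf_value "$1" socket-group)" ]
}

# Remove CAP_CHOWN from a space-separated capability list.
drop_cap_chown() {
    printf '%s\n' "$1" | awk '{
        out = ""
        for (i = 1; i <= NF; i++)
            if ($i != "CAP_CHOWN") out = out (out == "" ? "" : " ") $i
        print out
    }'
}

# Constructed sample input: a config and a capability list (not the
# values shipped in the real unit file).
demo() {
    conf=$(mktemp)
    printf '%s\n' '# socket-group=pdns' 'socket-owner=' 'local-port=53' > "$conf"
    caps='CAP_NET_BIND_SERVICE CAP_CHOWN CAP_SETUID'
    if needs_cap_chown "$conf"; then
        echo "keep: $caps"
    else
        echo "reduced: $(drop_cap_chown "$caps")"
    fi
    rm -f "$conf"
}
demo
```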
