From 91169cc152508327b55f41a0ddf58c5dd5c0b68c Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Tue, 26 Apr 2022 14:50:07 +0200 Subject: [PATCH] TT#157800 Add CAP_CHOWN capabilities to recording-daemon Otherwise new recordings won't have expected owner/group, when running rtpengine as its own user Change-Id: I8a6cf123a5467a412c1b2c3ea6c8db7fddc9dc2d --- debian/ngcp-rtpengine-recording-daemon.service | 2 +- el/rtpengine-recording.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/ngcp-rtpengine-recording-daemon.service b/debian/ngcp-rtpengine-recording-daemon.service index 81e155e60..10dd70573 100644 --- a/debian/ngcp-rtpengine-recording-daemon.service +++ b/debian/ngcp-rtpengine-recording-daemon.service @@ -11,7 +11,7 @@ Type=notify LimitNOFILE=100000 RuntimeDirectory=rtpengine-recording PIDFile=/run/rtpengine-recording/ngcp-rtpengine-recording-daemon.pid -AmbientCapabilities=CAP_NET_ADMIN +AmbientCapabilities=CAP_NET_ADMIN CAP_CHOWN User=rtpengine Group=rtpengine ExecStart=/usr/bin/rtpengine-recording -f -E --no-log-timestamps --pidfile /run/rtpengine-recording/ngcp-rtpengine-recording-daemon.pid --config-file /etc/rtpengine/rtpengine-recording.conf diff --git a/el/rtpengine-recording.service b/el/rtpengine-recording.service index b51b5b8a9..2f9aacc2f 100644 --- a/el/rtpengine-recording.service +++ b/el/rtpengine-recording.service @@ -10,7 +10,7 @@ Environment=CFG_FILE=/etc/rtpengine/rtpengine-recording.conf EnvironmentFile=/etc/sysconfig/rtpengine-recording User=ngcp-rtpengine Group=ngcp-rtpengine -AmbientCapabilities=CAP_NET_ADMIN +AmbientCapabilities=CAP_NET_ADMIN CAP_CHOWN RuntimeDirectory=rtpengine-recording PIDFile=/run/rtpengine-recording/rtpengine-recording.pid ExecStart=/usr/bin/rtpengine-recording --config-file=${CFG_FILE} --pidfile=${PID_FILE}