grafana/bind-net-capabilities.md at 01afde24f5efcabe493b71845aa7b2965da15e93

opensource/grafana

Fork 0

mirror of https://github.com/grafana/grafana.git synced 2025-07-27 22:52:07 +08:00

Files

Timothee f3ba16d3b7 Tidying up the Grafana setup documentation (#93860 )

2024-09-27 15:57:38 +00:00

1.0 KiB

Raw Blame History

labels

title

products

enterprise

oss

Serving Grafana on a port < 1024

If you are using systemd and want to start Grafana on a port that is lower than 1024, you must add a systemd unit override.

Run the following command to create an override file in your configured editor.

# Alternatively, create a file in /etc/systemd/system/grafana-server.service.d/override.conf
sudo systemctl edit grafana-server.service

Add the following additional settings to grant the CAP_NET_BIND_SERVICE capability.

To learn more about capabilities, refer to capabilities(7) — Linux manual page.

[Service]
# Give the CAP_NET_BIND_SERVICE capability
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE

# A private user cannot have process capabilities on the host's user
# namespace and thus CAP_NET_BIND_SERVICE has no effect.
PrivateUsers=false

1.0 KiB Raw Blame History

1.0 KiB

Raw Blame History