opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-28 06:22:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/docs/sources/shared/systemd/bind-net-capabilities.md
Kevin Minehart c8651c46d0 Packaging: document systemd net bind capability rpm and deb installations (#40165) 
* add systemd net bind capability docs for rpm and deb

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-10-07 22:56:42 +02:00

907 B
Raw Blame History

title
Serving Grafana on a port < 1024

If you are using systemd and want to start Grafana on a port that is less than 1024, then you must add a systemd unit override.

  1. The following command creates an override file in your configured editor:
# Alternatively, create a file in /etc/systemd/system/grafana-server.service.d/override.conf
systemctl edit grafana-server.service

1 Add these additional settings to grant the CAP_NET_BIND_SERVICE capability. To read more about capabilities, see the manual page on capabilities.

[Service]
# Give the CAP_NET_BIND_SERVICE capability
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE

# A private user cannot have process capabilities on the host's user
# namespace and thus CAP_NET_BIND_SERVICE has no effect.
PrivateUsers=false