From 882320e45aae01e5d26e86167245683abc5f0019 Mon Sep 17 00:00:00 2001 From: unknowndev233 Date: Tue, 10 Mar 2020 23:49:42 +0800 Subject: [PATCH] add NoNewPrivileges=yes & CAP_NET_RAW --- release/config/systemd/v2ray.service | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/release/config/systemd/v2ray.service b/release/config/systemd/v2ray.service index 31884040..c8dcbfd2 100644 --- a/release/config/systemd/v2ray.service +++ b/release/config/systemd/v2ray.service @@ -14,7 +14,8 @@ Type=simple # More discussion at https://github.com/v2ray/v2ray-core/issues/1011 User=root #User=v2ray -#AmbientCapabilities=CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW +NoNewPrivileges=yes ExecStart=/usr/bin/v2ray/v2ray -config /etc/v2ray/config.json Restart=on-failure # Don't restart in the case of configuration error