setsockopt for systemd unit - error: "Operation not permited"

Question

I'm trying to run BindToInterface in a script as part of a systemd service that runs under its own separate user.

The service file looks like this:

[Unit]
Description=Deluge Bittorrent Client Daemon
Documentation=man:deluged
After=network-online.target mnt-storage.mount
Requires=mnt-storage.mount
BindsTo=mnt-storage.mount

[Service]
Type=simple
UMask=000

ExecStart=/bin/bash /media/bti/deluged.sh

Restart=on-failure

# Time to wait before forcefully stopped.
TimeoutStopSec=300

[Install]
WantedBy=multi-user.target

The script is as follows:

#!/bin/bash

BIND_INTERFACE=eno2 DNS_OVERRIDE_IP=8.8.8.8 BIND_EXCLUDE=127.0.0.1,192.168. LD_PRELOAD=/media/bti/bindToInterface.so /usr/bin/deluged -d -l /var/log/deluge/daemon.log -L warning

when executing:

systemctl status deluged

I get the following output:

bash[503711]: setsockopt: Operation not permitted

Is there a way to run your tool without elevated privileges? How would "setsockopt" be run for a systemd unit without elevated privileges

Thanks

score 0 · Answer 1 · answered Nov 16 '21 at 19:40

0

Linux as a strict limitation: Only root can open ports below 1024. If your daemon is doing this, you can only do it by root.

answered Nov 16 '21 at 19:40

Master SentiBlue

25
3

As far as I understand, it does not (Deluge). Any workaround you might suggest? Thanks. – Vasile Tugurlan Nov 17 '21 at 23:42

setsockopt for systemd unit - error: "Operation not permited"

1 Answers1