5175 shaares
488 private links
488 private links
setcap 'cap_net_bind_service=+ep' for FreeBSD
setcap.sh
# ref.
# https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
# https://www.freebsd.org/doc/handbook/mac-policies.html
# load the kernel module
kldload mac_portacl
# set the new security rules
sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443
# disable default port protection
sysctl net.inet.ip.portrange.reservedhigh=0
# ->
# /boot/loader.conf
# /etc/sysctl.conf
