From 9b0aa6e56148e8ffa93a38d062541483cb09fcd9 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 14 Apr 2018 10:35:21 +0200 Subject: [PATCH] Enable systemd service unit + set capabilities for executable after installing the two files Signed-off-by: DL6ER --- automated install/basic-install.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 160039ce..c719953c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1589,7 +1589,7 @@ updatePihole() { # Install base files and web interface installScripts # Install config files - installConfigs + installConfigs # If the user wants to install the dasboard, if [[ "${INSTALL_WEB}" == true ]]; then # do so @@ -1755,7 +1755,9 @@ FTLinstall() { pushd "$(mktemp -d)" > /dev/null || { echo "Unable to make temporary directory for FTL binary download"; return 1; } # Always replace pihole-FTL.service - install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/init.d/pihole-FTL" + install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/systemd/system/pihole-FTL.service" + # Enable service script (we have to do this after replacing the service unit) + systemctl enable pihole-FTL.service local ftlBranch local url @@ -1786,6 +1788,8 @@ FTLinstall() { stop_service pihole-FTL &> /dev/null # Install the new version with the correct permissions install -T -m 0755 "${binary}" /usr/bin/pihole-FTL + # Set net admin permissions so that FTL can serve DNS, DHCP and IMAP (for DHCPv6) + setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "/usr/bin/pihole-FTL" # Move back into the original directory the user was in popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } # Install the FTL service