From c8837f07d67a5fc1ad0b646f421e368bad37af52 Mon Sep 17 00:00:00 2001 From: AnthonyDuan Date: Sat, 22 Nov 2025 21:56:23 +0800 Subject: [PATCH] =?UTF-8?q?fix(setup):=20=E4=BD=BF=E7=94=A8=20systemd=20Am?= =?UTF-8?q?bientCapabilities=20=E6=8E=88=E6=9D=83=E7=BB=91=E5=AE=9A=2080?= =?UTF-8?q?=EF=BC=8C=E7=A7=BB=E9=99=A4=20setcap=20=E9=9C=80=E6=B1=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- setup.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/setup.sh b/setup.sh index d464002..6a4fd28 100644 --- a/setup.sh +++ b/setup.sh @@ -70,9 +70,6 @@ fi chown -R www-data:www-data /srv/taiko-web -echo "为 Python 进程授予 80 端口绑定权限..." -setcap 'cap_net_bind_service=+ep' /srv/taiko-web/.venv/bin/python3 || true - echo "创建 systemd 服务..." cat >/etc/systemd/system/taiko-web.service <<'EOF' [Unit] @@ -87,6 +84,8 @@ ExecStart=/srv/taiko-web/.venv/bin/gunicorn -b 0.0.0.0:80 app:app Restart=always User=www-data Group=www-data +AmbientCapabilities=CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target