supplemental_groups

March 26, 2020 Contributors

Name

supplemental_groups — security: supplemental groups to assume after startup

Description

Security {
Supplemental_Groups = ( "list of group names or ids" )

On Linux, allow binding to privileged ports without requiring

a process restart

Capabilities = "cap_net_bind_service+ep"

On Solaris, allow binding to privileged ports without requiring

a process restart (version 3.0 and higher)

Privileges = "basic net_privaddr"
}

This security feature instructs Momentum to issue a setgroups system call to set the supplemental groups for the Momentum process. This allows more flexibility for granting Momentum access to resources that are restricted based on group membership.

Scope

Supplemental_Groups is valid in the security scope.

See Also

user, chroot, capabilities