From 4e6b48d3dbd067f633a5d3f8c5d5ef4cb58a03a0 Mon Sep 17 00:00:00 2001
From: Philippe Guibert <philippe.guibert@6wind.com>
Date: Tue, 26 Mar 2019 08:56:15 +0100
Subject: [PATCH] bfdd: add sys_admin capability and net_raw capability

in order to be able to create sockets on separate namespaces, add the
privs setting needed.
the former capability is needed to use SO_BINDTODEVICE option.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
---
 bfdd/bfdd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bfdd/bfdd.c b/bfdd/bfdd.c
index 6023b5e4f0..a7643c1345 100644
--- a/bfdd/bfdd.c
+++ b/bfdd/bfdd.c
@@ -39,7 +39,7 @@ DEFINE_MTYPE(BFDD, BFDD_NOTIFICATION, "short-lived control notification data");
 struct thread_master *master;
 
 /* BFDd privileges */
-static zebra_capabilities_t _caps_p[] = {ZCAP_BIND};
+static zebra_capabilities_t _caps_p[] = {ZCAP_BIND, ZCAP_SYS_ADMIN, ZCAP_NET_RAW};
 
 struct zebra_privs_t bfdd_privs = {
 #if defined(FRR_USER) && defined(FRR_GROUP)
-- 
2.39.5