From d5d28580f91bc90b02e8d020da4c022a856a25c9 Mon Sep 17 00:00:00 2001
From: edsgerlin <edsgerlin@gmail.com>
Date: Sat, 15 Sep 2018 01:39:49 +0900
Subject: [PATCH] Add `CAP_NET_BIND_SERVICE` to `shadowsocks-libev.service`

It ensures process have permission to bind to port <=1000.
Other systemd config files already have it except this one.
---
 debian/shadowsocks-libev.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/shadowsocks-libev.service b/debian/shadowsocks-libev.service
index 08bf8274..c4489d53 100644
--- a/debian/shadowsocks-libev.service
+++ b/debian/shadowsocks-libev.service
@@ -15,6 +15,7 @@ After=network.target
 
 [Service]
 Type=simple
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 EnvironmentFile=/etc/default/shadowsocks-libev
 User=nobody
 Group=nogroup