[pkg-go] Bug#872997: prometheus-blackbox-exporter: Make CAP_NET_RAW switching configurabl

[Filippo Giunchedi]

Package: prometheus-blackbox-exporter
Severity: wishlist

blackbox_exporter's ICMP probing requires either root or CAP_NET_RAW, the
latter should be configurable (via debconf) for users that want full
functionality without running as root. Using debconf would keep package
upgrades from overriding what the user might have set manually or via config
management.

Another option for administrators to survive package upgrades without further
hacks would be to run as root and let systemd drop all capabilities but
CAP_NET_RAW, the setcap solution seems better overall though.

filippo
-- 
http://esaurito.net - 0x99D49B6B00CAD1E5 - ⠠⠵