Exa-Networks / exabgp

The BGP swiss army knife of networking

Feature request: Update systemd unit file capabilities to add CAP_NET_BIND_SERVICE #1131

Closed garybuhrmaster closed 1 year ago

garybuhrmaster commented 1 year ago

Running exabgp under a dedicated user (exabgp) rather than root is a good security practice, but if it is necessary to open the normal bgp port 179 it fails to open the port (as expected).

Does it make sense to update the systemd (default) configuration to be:

AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

and/or update the message exabgp issues (currently telling you you may need to run as root) to also suggest creating a systemd override?
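One way to produce the kind of message suggested above, as an added example that is not part of the original issue or of ExaBGP's code: it decodes the capability masks from `/proc/<pid>/status` text and reports why port 179 cannot be bound. The status samples are constructed, and the function names, the `unprivileged_start` parameter and the `exabgp` unit name in the hint are assumptions.

```python
import re

# Bit numbers from linux/capability.h
CAP_NET_BIND_SERVICE = 10
CAP_NET_ADMIN = 12
BGP_PORT = 179

# Constructed sample: dedicated non-root user, no capabilities granted
STATUS_PLAIN = (
    "Name:\texabgp\n"
    "Uid:\t995\t995\t995\t995\n"
    "CapInh:\t0000000000000000\n"
    "CapPrm:\t0000000000000000\n"
    "CapEff:\t0000000000000000\n"
    "CapBnd:\t000001ffffffffff\n"
    "CapAmb:\t0000000000000000\n"
)
# Constructed: same user with both capabilities from the issue (bits 10 and 12 = 0x1400)
STATUS_CAPS = (STATUS_PLAIN.replace("0000000000000000", "0000000000001400")
               .replace("000001ffffffffff", "0000000000001400"))
# Constructed: bounding set limited to CAP_NET_ADMIN only (0x1000)
STATUS_BOUNDED = STATUS_PLAIN.replace("000001ffffffffff", "0000000000001000")


def parse_caps(status_text):
    """Return {'CapEff': int, 'CapBnd': int, ...} parsed from a status dump."""
    pattern = r"^(Cap\w+):\s*([0-9a-fA-F]+)$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, status_text, re.M)}


def has_cap(mask, bit):
    return bool((mask >> bit) & 1)


def bind_advice(status_text, port=BGP_PORT, unprivileged_start=1024):
    """Return None if the port can be bound, else a message naming the cause."""
    caps = parse_caps(status_text)
    # Only the effective set is consulted at bind() time, whatever the uid is.
    if port >= unprivileged_start or has_cap(caps["CapEff"], CAP_NET_BIND_SERVICE):
        return None
    if not has_cap(caps["CapBnd"], CAP_NET_BIND_SERVICE):
        reason = "CAP_NET_BIND_SERVICE is excluded by the bounding set"
    else:
        reason = "CAP_NET_BIND_SERVICE is not in the effective set"
    return (f"cannot bind port {port}: {reason}; add it to AmbientCapabilities= "
            "and CapabilityBoundingSet= in a systemd override "
            "(systemctl edit exabgp; unit name assumed)")
```

On a live system the input would be the contents of `/proc/self/status`, and `unprivileged_start` would come from the `net.ipv4.ip_unprivileged_port_start` sysctl.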

thomas-mangin commented 1 year ago

Thank you for pointing out this issue.