Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#75655 - [clash] 1.11.4-1 Add setcap attribute to systemd units to enable DNS server binding at port 53

Attached to Project: Community Packages
Opened by Caesar Woo (caesarw) - Friday, 19 August 2022, 18:15 GMT
Last edited by Toolybird (Toolybird) - Friday, 19 August 2022, 22:30 GMT
Task Type Feature Request
Category Packages
Status Assigned
Assigned To Felix Yan (felixonmars)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 1
Private No



When using the clash package from the community repository and configured local DNS server with it, error occurs when clash tries to bind to port 53.

Additional info:
* package version(s): 1.11.4-1

Steps to reproduce:
1. Install clash package
2. Enable clash's local DNS server and bind it to in the configuration
3. Start clash systemd service with "sudo systemctl start clash@[username]"
3. clash reports error with "ERRO[0000] Start DNS server error: listen udp bind: permission denied"

Proposed solution:
1. Adding these two lines to the [Service] section in the clash@.service unit
to give a temporary capability to the clash process spawned by systemd. (Sample service unit is attached)
This task depends upon