Vault, Capabilities, and SystemD
• Mark Eschbach
vault-dev.service: Main process exited, code=exited, status=213/SECUREBITS
I left off with Vault failing to initialize on Ubuntu with SystemD failing to start with the above error message. I’ve never encountered an error like this before but then again I don’t usually muck around with capabilities subsystem. So I may have already come across this however in SystemD’s changelog it states
CapabilityBoundingSet should be used instead. I’m hoping I might be able to do away with all capabilities and get it up and running. Nope, same complaint without any capabilities. With just
CapabilityBoundingSet it still fails too.
There is a rather dense discussion on what ambient capabilities are which is being preempted for now :-/. I’ll have to return to this at a later time.