From 7844d86ea38f923e219554c4637a0e232882f6ce Mon Sep 17 00:00:00 2001
From: Holger Weiss <holger@zedat.fu-berlin.de>
Date: Wed, 6 Jan 2021 18:56:08 +0100
Subject: [PATCH] Allow for listening on privileged ports

Let systemd give ejabberd the capability to bind to ports below 1024.
---
 ejabberd.service.template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ejabberd.service.template b/ejabberd.service.template
index df205dfcf..c779ea031 100644
--- a/ejabberd.service.template
+++ b/ejabberd.service.template
@@ -15,6 +15,7 @@ ExecStop=/bin/sh -c '@ctlscriptpath@/ejabberdctl stop && @ctlscriptpath@/ejabber
 ExecReload=@ctlscriptpath@/ejabberdctl reload_config
 NotifyAccess=all
 PrivateDevices=true
+AmbientCapabilities=CAP_NET_BIND_SERVICE
 TimeoutSec=300
 
 [Install]