ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Allow Binaries on Linux to Run on Well Known Privileged Ports

    IT Discussion
    linux debian ubuntu
    4
    10
    623
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller
      last edited by

      If you want to run a normal binary on Linux that will end up using a well known port (that is port 1024 and below, such as 80, 443, 25, etc.) you will generally be blocked by the kernel from doing this for safety reasons. You will need to do a setcap command to allow that binary to bind to that port. Very easy, but very hard to diagnose when things don't work.

      setcap CAP_NET_BIND_SERVICE=+eip /path/to/binary
      pmonchoP 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        An example of this is a Gitea server binary. We have to do this every time that we update the package.

        1 Reply Last reply Reply Quote 0
        • 1
          1337
          last edited by 1337

          FYI
          https://mangolassi.it/topic/25022/bind-linux-process-to-well-known-web-ports-when-not-root

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @1337
            last edited by

            @Pete-S said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

            FYI
            https://mangolassi.it/topic/25022/bind-linux-process-to-well-known-web-ports-when-not-root

            I THOUGHT I had posted that, but I couldn't find it in a search. lol

            1 1 Reply Last reply Reply Quote 1
            • 1
              1337 @scottalanmiller
              last edited by 1337

              @scottalanmiller

              Yeah, me too.
              The search is not particularly good on nodebb.

              If you search for net_bind you would assume it would find both these post but it finds nothing.

              Since this site isn't index by google and others anymore you can't use those to search either.

              scottalanmillerS ObsolesceO 3 Replies Last reply Reply Quote 0
              • pmonchoP
                pmoncho @scottalanmiller
                last edited by

                @scottalanmiller said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                Very easy, but very hard to diagnose when things don't work.

                Yep, couldn't figure out why MeshCentral wouldn't work after OS upgrade.
                This was it.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @1337
                  last edited by

                  @Pete-S said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                  The search is not particularly good on nodebb.

                  Let's face it, it's crap.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @1337
                    last edited by

                    @Pete-S said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                    Since this site isn't index by google and others anymore you can't use those to search either.

                    Yeah, no kidding. I have no idea why, though.

                    1 Reply Last reply Reply Quote 0
                    • ObsolesceO
                      Obsolesce @1337
                      last edited by

                      @Pete-S said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                      If you search for net_bind you would assume it would find both these post but it finds nothing.

                      It seems to only search "words", and that isn't a word or part of a word.

                      scottalanmillerS 1 Reply Last reply Reply Quote 1
                      • scottalanmillerS
                        scottalanmiller @Obsolesce
                        last edited by

                        @Obsolesce said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                        @Pete-S said in Allow Binaries on Linux to Run on Well Known Privileged Ports:

                        If you search for net_bind you would assume it would find both these post but it finds nothing.

                        It seems to only search "words", and that isn't a word or part of a word.

                        That does seem to be the case. It's not smart at all.

                        1 Reply Last reply Reply Quote 0
                        • 1 / 1
                        • First post
                          Last post