Question

Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

Posted June 17, 2014 3.1k views
I want to allow a non-root user to bind to a port below 1024 (specifically port 443, but not SSL). The user will be running a node.js server if that matters. The Droplet does not exist yet, but is planned to be Ubuntu 14.04. I have successfully used setcap with the cap_net_bind_service option to achieve this on a dedicated server. Can I do this on a Droplet?
Add a comment
gazilla
By:
gazilla

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
asb June 17, 2014
Sure. You have full root access to the server. I personally think using iptables port redirection might be simpler. You could do something like: 
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5000
Reply Report

Looking for something else?

Ask a new question Search for more help