Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

June 17, 2014 2k views
gazilla
By:
gazilla
I want to allow a non-root user to bind to a port below 1024 (specifically port 443, but not SSL). The user will be running a node.js server if that matters. The Droplet does not exist yet, but is planned to be Ubuntu 14.04. I have successfully used setcap with the cap_net_bind_service option to achieve this on a dedicated server. Can I do this on a Droplet?
Log In to Comment
1 Answer
asb MOD June 17, 2014
Sure. You have full root access to the server. I personally think using iptables port redirection might be simpler. You could do something like: 
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5000
Reply
Have another answer? Share your knowledge.