Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

Posted June 17, 2014 3.3k views
I want to allow a non-root user to bind to a port below 1024 (specifically port 443, but not SSL). The user will be running a node.js server if that matters. The Droplet does not exist yet, but is planned to be Ubuntu 14.04. I have successfully used setcap with the cap_net_bind_service option to achieve this on a dedicated server. Can I do this on a Droplet?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer
Sure. You have full root access to the server. I personally think using iptables port redirection might be simpler. You could do something like:
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5000