Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

June 17, 2014 2.6k views
I want to allow a non-root user to bind to a port below 1024 (specifically port 443, but not SSL). The user will be running a node.js server if that matters. The Droplet does not exist yet, but is planned to be Ubuntu 14.04. I have successfully used setcap with the cap_net_bind_service option to achieve this on a dedicated server. Can I do this on a Droplet?
1 Answer
Sure. You have full root access to the server. I personally think using iptables port redirection might be simpler. You could do something like:
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5000 
Have another answer? Share your knowledge.