Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

June 17, 2014 1.3k

I want to allow a non-root user to bind to a port below 1024 (specifically port 443, but not SSL). The user will be running a node.js server if that matters. The Droplet does not exist yet, but is planned to be Ubuntu 14.04. I have successfully used setcap with the cap_net_bind_service option to achieve this on a dedicated server. Can I do this on a Droplet?

1 Answer

asb MOD June 17, 2014

Sure. You have full root access to the server. I personally think using iptables port redirection might be simpler. You could do something like:

iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5000

Have another answer? Share your knowledge.

Share

Share your Question

Can I use the setcap command to do cap_net_bind_service (on Ubuntu 14.04)

Leave a Comment

Almost there!

Report a Bug