Allowing process to bind to port lower than 1024 in Linux

In Linux by default process  has no permission to bind themselves to any port lower than 1024 (unless you are the root user of course).
So if for example we want our node js application to listen on port 80, the default port for http, we will probably get the following exception:


events.js:160
      throw er; // Unhandled 'error' event
      ^

Error: listen EACCES 127.0.0.1:80
    at Object.exports._errnoException (util.js:1007:11)
    at exports._exceptionWithHostPort (util.js:1030:20)
    at Server._listen2 (net.js:1240:19)
    at listen (net.js:1289:10)
    at net.js:1399:9
    at _combinedTickCallback (internal/process/next_tick.js:77:11)
    at process._tickCallback (internal/process/next_tick.js:98:9)
    at Module.runMain (module.js:577:11)
    at run (node.js:348:7)
    at startup (node.js:140:9)

This happen because the node as no permission to listen to port 80 or any port lower than 1024 for that matter.
We can easily fix this by giving the node the required permission:
we need to run the following command:

sudo setcap cap_net_bind_service=+ep /usr/bin/nodejs

This will allow node to bind to port 80.
Of course we can use this method for any executable file


sudo setcap cap_net_bind_service=+ep <executableFilePath>

And when the executable file run it will have the permission to bind to port lower than 1024.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s