Unprivileged User Port Binding
I followed the Directions in another
thread here to run PMP as an unprivileged user, however came across a problem.
I also followed the directions for Running PMP on a different port
The particular port I'd like to run on is < 1024 (HTTPS default port 443). Because this port is < 1024, default Linux permissions do not allow a daemon to bind to a port <1024 unless it is executed as root.
Typically this is accomplished by running an initial script as root, doing the port binding, then then dropping permissions. As PMP is a Java application, Java apparently doesn't have this functionality.
I've come across privbind Which appears to work to solve this sort of problem.
I've made a number of attempts (unsuccessfully) to integrate privbind into the PMP process -- at different points in the init script; the wrapper calling, the wrapper config calling java, etc, to no avail.
Could you provide any advice on if its possible to integrate privbind to accomplish running PMP as an unprivileged user, but on the default 443 port in linux? And how to accomplish this?
I feel this is an important thing to accomplish, as your product is a password, security product, and I'm sure myself and others would like to run it in the most secure configuration possible.
Thank You
I also followed the directions for Running PMP on a different port
The particular port I'd like to run on is < 1024 (HTTPS default port 443). Because this port is < 1024, default Linux permissions do not allow a daemon to bind to a port <1024 unless it is executed as root.
Typically this is accomplished by running an initial script as root, doing the port binding, then then dropping permissions. As PMP is a Java application, Java apparently doesn't have this functionality.
I've come across privbind Which appears to work to solve this sort of problem.
I've made a number of attempts (unsuccessfully) to integrate privbind into the PMP process -- at different points in the init script; the wrapper calling, the wrapper config calling java, etc, to no avail.
Could you provide any advice on if its possible to integrate privbind to accomplish running PMP as an unprivileged user, but on the default 443 port in linux? And how to accomplish this?
I feel this is an important thing to accomplish, as your product is a password, security product, and I'm sure myself and others would like to run it in the most secure configuration possible.
Thank You