[hunchentoot-devel] Hunchentoot on PORT 80
Bill St. Clair
billstclair at gmail.com
Fri Jun 19 10:16:53 UTC 2009
Ports below 1024 are reserved for root. You can use one by starting
your process as root, listening on the port (starting Hunchentoot),
and then using (setuid UID) and (setgid GID) to set the user and group
ID to a non-root (you'll have to define SETUID and GETUID with a
foreign function package, and you can find the UID and GID for a login
in /etc/passwd). Or you could run your process as root, but that tends
to be dangerous.
Most people use a reverse proxy instead. Apache supports that, via
mod_proxy. Squid has a reverse proxy. And there's Pound, amongst
others. See http://en.wikipedia.org/wiki/Reverse_proxy
-Bill
On Fri, Jun 19, 2009 at 4:58 AM, Phil Marneweck<zaries at global.co.za> wrote:
> Thank you but setcap gives me a "operation not permitted"...but that got
> me stumbled onto authbind and ip tables, hopefully on of those will
> solve my problems.
>
> Regards
> Phil
>
> On Fri, 2009-06-19 at 11:11 +0400, Andrey Moskvitin wrote:
>> > Yesterday I tried to run hunchentoot on port 80 for the first time,
>> but
>> >a get a "Permission Denied" error when hunchentoot tries to bind to
>> port 80.
>>
>> sudo setcap CAP_NET_BIND_SERVICE=ep /usr/bin/sbcl
>>
>>
>> Andrey
>>
>> 2009/6/19 Phil Marneweck <zaries at global.co.za>
>> Hi
>>
>> Yesterday I tried to run hunchentoot on port 80 for the first
>> time, but
>> a get a "Permission Denied" error when hunchentoot tries to
>> bind to port
>> 80. Between the #ubuntu and #lisp guys we established that
>> nothing else
>> was running on port 80 and that I was indeed running as root.
>>
>>
>> Everybody agreed that it must be that permissions gets dropped
>> some
>> where along the line. Searching the web regarding dropped
>> permissions
>> got me no where. So I was wondering if anybody else got this
>> configuration to work on port 80 and could share their
>> experience with
>> me please.
>>
>> I have a clean ubuntu server, no apache or anything installed.
>> I have an
>> in init.d script that starts up a screen session which runs
>> swank and
>> start up stuff to load hunchentoot etc ie swank-daemon from
>> clwiki.
>>
>>
>> Regards
>> Phil
>>
>>
>> _______________________________________________
>> tbnl-devel site list
>> tbnl-devel at common-lisp.net
>> http://common-lisp.net/mailman/listinfo/tbnl-devel
>>
>> _______________________________________________
>> tbnl-devel site list
>> tbnl-devel at common-lisp.net
>> http://common-lisp.net/mailman/listinfo/tbnl-devel
>
>
> _______________________________________________
> tbnl-devel site list
> tbnl-devel at common-lisp.net
> http://common-lisp.net/mailman/listinfo/tbnl-devel
>
More information about the Tbnl-devel
mailing list