Page 1 of 1

Binding port 443 for service user (Debain)

PostPosted: Fri Aug 09, 2019 7:30 pm
by MrChimp1
I'm running Subsonic on a raspberry pi and have been, for a while using HTTPS on port 4443. Whilst this works perfectly I'd like to move it to 443.
My subsonic is running under a service account, i.e.


I believe only root user can bind to ports below ports 1024.

I've read this article ... 80-and-443 and tried this command:
sudo setcap CAP_NET_BIND_SERVICE=+eip /etc/init.d/subsonic

But this doesn't work, see log below:

112788 [main] INFO org.springframework.web.servlet.DispatcherServlet - FrameworkServlet 'subsonic': initialization completed in 15643 ms
112903 [main] WARN org.mortbay.log - failed SelectChannelConnector@ Permission denied

Does anyone know which binary I need to allow via setcap to be able to bind to port 443?

Thanks in advanced.


Re: Binding port 443 for service user (Debain)

PostPosted: Sat Aug 10, 2019 7:39 am
by MrChimp1
OK, managed to sort this myself.

I forgot Subsonic basically runs under the Java binaries, so granting java access to ports below 1024 does the trick.

This command worked for me:
sudo setcap cap_net_bind_service=+epi /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/bin/java

Remeber your Java path may be different.

Now just to sort these allocation errors!

[GC (Allocation Failure) 38689K->25952K(52140K), 0.1133235 secs]
[GC (Allocation Failure) 40544K->27430K(52140K), 0.0901490 secs]
[GC (Allocation Failure) 42022K->29656K(52140K), 0.1855273 secs]
[GC (Allocation Failure) 44248K->33759K(52140K), 0.2939235 secs]