Login or Register to Ask a Question and Join Our Community


Linux

How do I run HTTP server on port 80 using a non root user?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux How do I run HTTP server on port 80 using a non root user?
# 1  
Old 08-24-2010
How do I run HTTP server on port 80 using a non root user?
Hi experts,
I want to run HTTP server on port 80, I learn from somewhere that it MUST not be run as root for security reason, how to do that?


Thank you in advance!
# 2  
Old 08-24-2010
Hi.

(This is from RedHat, but hope it applied to you too).

Extract from httpd.conf

Code:
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
#  . On HPUX you may not be able to use shared memory as nobody, and the
#    suggested workaround is to create a user www and use that user.
#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
#  when the value of (unsigned)Group is above 60000;
#  don't use Group #-1 on these systems!
#
User apache
Group apache

# 3  
Old 08-24-2010
Hi, scottn, thanks for your quick reply.
I am using Nginx, how to do this in Nginx?
# 4  
Old 08-24-2010
Hi.

I know absolutely nothing about nginx, sorry.

So I did what I normally do... hit google Smilie

Are you using Nginx just, or with Apache?

Do you have a file /usr/local/nginx/conf/nginx.conf

If so, try changing the user there. If with Apache, try it in /etc/httpd/conf/httpd.conf.
# 5  
Old 08-24-2010
Hi, scottn, thanks for you reply.

I have the configuration file you mentioned, adding user and group there didn't help.
After adding user and group in nginx.conf, child processes forked by the master process have the non-root user(which I specified in nginx.conf) associated. but the master process is still run as root.

I have googled around for quite a while, and I found some info that say one can use iptable to redirect traffic coming to the privileged ports(<1024) to higher ports, but we don't use firewall on the server, so this seems not a viable solution.

And some say that one can use setuid(chmod +s /usr/local/nginx/sbin/nginx), and then run nginx as a non-root user. Yes, I can run nginx in this case using a non-root user, but the master process is still owned by root.

It's really frustrating...
Any more help?
# 6  
Old 08-24-2010
apache cannot be made to drop privileges in this fashion, so if you don't want to use redirection you're stuck.
# 7  
Old 08-25-2010
Unprivileged user (non-root) cannot run a process that is listening on port below 1024. That's why the nignx's master process must have root privileges.

Short answer to your question is: you don't.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to scp File from root user in one server to say crt user in another server and avoid password?

Can someone help in writing some script through which I can transfer file (scp) from root user in abc server to crt user in hfg server and can give the crt user password in script itself so that it doesn't prompt me every time for password (4 Replies)
Discussion started by: Moon1234
4 Replies

2. Shell Programming and Scripting

Script to run commands as root user

Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user. Please help, Thanks in advance. -Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies

3. Shell Programming and Scripting

Need to run a bash script that logs on as a non-root user and runs script as root

So I have a script that runs as a non-root user, lets say the username is 'xymon' . This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root. in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies

4. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

5. AIX

Crontab cannot run by non-root user

Good morning everybody. I have just receiedv a complaint from our DBA saying that if he create a scripts to run some Oracle performance scripts using crontab and the scheduling part is ok but the job is failed when I checked on /var/adm/cron/log. I have tried his scripts using Oracle id directly... (4 Replies)
Discussion started by: kwliew999
4 Replies

6. Shell Programming and Scripting

run a script on logout by a non-root user

hi , i need to run a script that delete files when i logout as a user other than root user . I have tried out using .bash_logout but that doesnt seem to work , so any alternative for this to be done. Thanks in advance, Harsha (6 Replies)
Discussion started by: harsha10
6 Replies

7. UNIX and Linux Applications

How get root without local & with open port in server

hi all i have some question if any one can help me please How get root without local ? :( & How get root with open port in server use the telnet ? :( & How get root with Buffer Overflows ? :( please help me thanx to all (2 Replies)
Discussion started by: iis
2 Replies

8. Linux

Unblock port 80 for none root user

Hi all, I am running an oracle application server but the problem is that the default port it is using is 7777 and if i want to make it port 80 i have to run the server as root which something i do not want to do. If i understand well to run on a port under 1024 the application needs root... (1 Reply)
Discussion started by: staind_art
1 Replies

9. UNIX for Advanced & Expert Users

how to know how many user's connected to ftp and http server

i need to write a program to know how many users are presently connected to my ftp server and http server . i need to keep a count of this and this count should be available to other different software . how to make this GLOBAL so that other softwares can access this count value (7 Replies)
Discussion started by: hariprasad
7 Replies

10. Linux

VNC Server http listening port

Hi All, I'm running RH 9.0 on a PII box with 160MB RAM. Just downloaded RealVNC X86 Linux (version 3.3.7). How can I get the HTTP listening port up ? Thanks, KENT (6 Replies)
Discussion started by: kxchen_home
6 Replies
Login or Register to Ask a Question