Allow Node.js to bind to privileged ports without root access on Ubuntu

nodejs-ubuntu-bind-port-80.md

How to: Allow Node to bind to port 80 without sudo

TL;DR

Only do this if you understand the consequences: all node programs will be able to bind on ports < 1024

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node

Important: your node location may vary. Use which node to find it, or use it directly in the command:

sudo setcap 'cap_net_bind_service=+ep' `which node`

Explanation

In UNIX-like systems, non-root users are unable to bind to ports lower than 1024.

This is a nuisance when proxying adresses on port 80. Tipically, you end up sudoing all apps that must bind to such ports.

However, since kernel 2.6.24, you can use the setcap command to set specific capabilities to a program.

To enable all node programs to bind on any port lower than 1024, issue the following command:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node

Voilà! You can now bind to port 80 without sudoing.

If your node binary isn't on this path, find it with whereis node and substitute /usr/local/bin/node for wherever it is.

Important Caveat

setcap functions per-program. Therefore, if you update your node version you will probably need to run this command again.

---

source: http://stackoverflow.com/a/414258

How does one undo this configuration?

How does one undo this configuration?

I also have such a question

I figured it out you can just do the same command with '-' (minus) symbol. So 'cap_net_bind_service=-ep' should remove the configuration.

I figured it out you can just do the same command with '-' (minus) symbol. So 'cap_net_bind_service=-ep' should remove the configuration.

Thank you!
My solution:

sudo setcap -r ~/n/bin/node

Ah, that is cool too.