Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save sonukapoor/17e175e697f16bc04c26636845dc8501 to your computer and use it in GitHub Desktop.
Save sonukapoor/17e175e697f16bc04c26636845dc8501 to your computer and use it in GitHub Desktop.
Allow Node.js to bind to privileged ports without root access on Ubuntu

How to: Allow Node to bind to port 80 without sudo

TL;DR

Only do this if you understand the consequences: all node programs will be able to bind on ports < 1024

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node

Important: your node location may vary. Use which node to find it, or use it directly in the command:

sudo setcap 'cap_net_bind_service=+ep' `which node`

Explanation

In UNIX-like systems, non-root users are unable to bind to ports lower than 1024.

This is a nuisance when proxying adresses on port 80. Tipically, you end up sudoing all apps that must bind to such ports.

However, since kernel 2.6.24, you can use the setcap command to set specific capabilities to a program.

To enable all node programs to bind on any port lower than 1024, issue the following command:

sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node

Voilà! You can now bind to port 80 without sudoing.

If your node binary isn't on this path, find it with whereis node and substitute /usr/local/bin/node for wherever it is.

Important Caveat

setcap functions per-program. Therefore, if you update your node version you will probably need to run this command again.


source: http://stackoverflow.com/a/414258

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment