Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Give Linux executables the privilege to bind to ports below 1024
#!/bin/bash
if (( $# != 2 )); then
echo 'Control whether an executable has the privilege to bind to ports < 1024, even if the user is not root'
echo
echo "Usage: $(basename "$0") [enable|disable|status] [path-to-exectuable]"
exit 1
fi
FILE=$(readlink -f "$2")
case "$1" in
enable)
sudo setcap 'cap_net_bind_service=+ep' "$FILE"
;;
disable)
sudo setcap 'cap_net_bind_service=-ep' "$FILE"
;;
status)
getcap "$FILE" | grep 'cap_net_bind_service+ep' &> /dev/null
if [ $? == 0 ]; then
echo 'enabled'
else
echo 'disabled'
fi
;;
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment