tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Lianogou <li...@arachnedesign.net>
Subject Re: non-root on 80
Date Mon, 04 Apr 2005 22:43:08 GMT
I had to set up a solution using IP tables on my redhat box. First some 
background as to why I solved it this way:

You can't run anything directly on port 80 without that process being 
executed as the root user... which -- for a variety of reasons I'm sure 
you needn't hear me go into -- is a Really Bad Idea.  ;-)

What you want to do in this case is to reroute port 80 traffic to a 
port that tomcat can bind to when executed as a "normal" user.

Here's what I did to accomplish this (hopefully you've got iptables on 
your box, as well... tho the path of this script may be different on yr 
system... so check into both matters if this doesn't work for you):

/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT 
--to-port 8080

You'll need root permissions to do this, tho.



Hope that helps,

jL

On Apr 4, 2005, at 5:58 PM, NetSQL wrote:

> I read that it has a stop method... but how do I get it to run at port 
> 80 ?
>
> .V
>
> David Smith wrote:
>> Look at jsvc in the commons-daemon project on 
>> jakarta.apache.org/commons
>> --David
>> NetSQL wrote:
>>> apache drops to non root after bind to 80.
>>> How can this be done w/ tc 5.5?
>>> .V
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message