Menu
▾
▴
Re: [naviserver-devel] Permission Denied for Ns_SockBind
|
From: Gustaf N. <ne...@wu...> - 2016-07-29 14:00:47
|
Dear David,
when running nsd on a privileged port, you have to use the "-b" option
to prebind to this port, like e.g.
nsd -u openacs -g nsadmin -i -t ...../config-ns.tcl -b
[137.208.116.31]:80,[2001:628:404:74::31]:80
as documented in [1]. this example is more complex than you need, since
it binds to an IPv4 and an IPv6 address. You get probably the same
message with NaviServer 4.99.11. The main difference in this respect
between NaviServer 4.99.11 and earlier is that previous version did not
report many error conditions, newer versions are more chatty .... which
is important for debugging and for people starting to use IPv6.
all the best
-g
[1] http://naviserver.sourceforge.net/n/manual/files/admin-maintenance.html
Am 29.07.16 um 14:13 schrieb David Osborne:
> Hi,
>
> I'm having a few problems with a new build of Naviserver on Debian
> (wheezy & Jessie).
>
> Using Tip, when I try to start naviserver listening on a privileged
> port, with a non-root (but system) user, I'm getting a permission
> denied error from within Ns_SockBind:
>
> eg.
> [29/Jul/2016:10:05:07][10999.7f2010c16700][-driver:nssock-] Notice:
> bind operation on sock 17 lead to error: Permission denied
> [29/Jul/2016:10:05:07][10999.7f2010c16700][-driver:nssock-] Warning:
> bind on: SockAddr family AF_INET, ip 0.0.0.0, port 80
> [29/Jul/2016:10:05:07][10999.7f2010c16700][-driver:nssock-] Error:
> Ns_SockBinderListen: sendmsg() failed: sent 56 bytes, 'Permission denied'
> [29/Jul/2016:10:05:07][10999.7f2010c16700][-driver:nssock-] Error:
> nssock: failed to listen on [0.0.0.0]:80: Permission denied
>
> To reproduce I do the following:
>
> hg clone https://bitbucket.org/naviserver/naviserver
> cd naviserver
> ./autogen.sh --disable-ipv6 --with-tcl=/usr/lib/tcl8.5 --enable-rpath
> --enable-threads
> make
> make install
> chown -R nsd /usr/local/ns
> Edit: /usr/local/ns/conf/nsd-config.tcl
> -> change port from 8080->80
> /usr/local/ns/bin/nsd -c -u nsd -t /usr/local/ns/conf/nsd-config.tcl
>
>
> Things which work fine:-
>
> - Running as root:
> /usr/local/ns/bin/nsd -c -u root -t /usr/local/ns/conf/nsd-config.tcl
> - Using a non-privileged port eg. 8080
> - Naviserver version 4.99.8 seems to work fine when doing the above
> reproduction steps.
>
> Can someone point me in the right direction here as to what I'm doing
> wrong...?
>
> Thanks in advance
> --
> David
|
