Does systemd allow for functionality like authbind? Where you can allow a non-root user to bind to a priv port?

Question

I looked through the manpage and did quite a bit of googling, couldn't find an answer. Thank you!

score 4 · Accepted Answer · edited May 09 '17 at 07:50

4

You could use systemd's socket activation functionality to achieve what you want (if the program you're running supports it). Systemd binds to the port as root then passes the socket to the unprivileged program (ex. Apache).

Also look into the AmbientCapabilities directive and CAP_NET_BIND_SERVICE.

edited May 09 '17 at 07:50

Henrik Pingel

8,676
2
24
38

answered May 08 '17 at 21:42

logix

156
1

Very interesting, thanks. I may look at writing an extension for that – Jonathan S. Fisher May 11 '17 at 16:30

Does systemd allow for functionality like authbind? Where you can allow a non-root user to bind to a priv port?

1 Answers1

Linked