non-root bind to port 389
Red Hat Linux ES 4
Sun Directory 6.0
I need to execute my directory server using a non root userid
Command line sudo works fine for starting the server
- server process is owned by uid=ldapsrv
Remote starts use the ldapsrv account to start the
ldap server. Start fails due to ldapsrv not being
allowed to bind to port 389.
[26/Jul/2007:08:59:51 -0500] - ERROR<12362> - Connection - conn=-1 op=-1 msgId=-1 - PR_Bind() on address <all interfaces> port <389> failed : error -5966 (Access Denied.).
If I change the port used by the LDAP server to a
high number life is good.
Question: How do I allow userid ldapsrv to start
software than binds to port 389 ?
In theory, only root can bind to a port < 1024.
I see only two possibilities, both of them ugly.
First: modify the source of your kernel so that the restriction is removed. This opens a huge security hole.
Second: modify the source of the directory server so that the first three things it does are:
Hope this helps.
|All times are GMT -5. The time now is 12:51 PM.|