setcap-netbind: Give a binary the ability to bind to privileged ports.
https://webinstall.dev/setcap-netbind/| Installer Source| Releases (json) (tab)
setcap-netbind: Give a binary the ability to bind to privileged ports.
https://webinstall.dev/setcap-netbind/| Installer Source| Releases (json) (tab)
These are the files / directories that are created and/or modified with this install:
~/.config/envman/PATH.env
~/.local/bin/setcap-netbind
Because no one can ever remember
setcap 'cap_net_bind_service=+ep'. Everybody has to look it up. Every. Time.Well... not anymore.
setcap-netbinddoes that ^^, plus it follows links - which is nice.
Gives a command permission to run on privileged ports (80, 443, etc).
Usage:
sudo setcap-netbind <COMMAND>
Example:
sudo setcap-netbind node
setcap-netbind will grant the specified program the ability to listen on
privileged ports, such as 80 (http) and 443 (https) without root privileges or
sudo. It seeks out the specified binary in your path and reads down symlinks
to make usage as painless as possible.
Note: Capability binding is specific to a particular binary file. You'll
need to rerun setcap-netbind <COMMAND> each time you upgrade or reinstall a
command.
These two commands are equivalent:
sudo setcap-netbind node
sudo setcap 'cap_net_bind_service=+ep' "$(readlink -f "$(command -v node)")"
The benefit of setcap-netbind is simply that it's easier to remember (and will
auto-complete with tab), and it will follow symbolic links.
(setcap will not work on symlinks - probably as a security measure)