1. You need to install "capabilities" library on OpenSuse.
zypper install libcap-progs
zypper install libcap1
zypper install libcap2
2. Allow mono to bind on low ports numbers:
setcap 'cap_net_bind_service=+ep' /usr/bin/mono-boehm
Now you'll be able to run .NET programs that bind on port numbers (below 1024) that are traditionally reserved for root (require root privileges). Traditional UNIX implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is nonzero). Privileged processes bypass all kernel permission checks. In order to run a process as non-root and bind to a port <1024 you need to give that binary a net_bind_service capability.
No comments:
Post a Comment
If you like this post, please leave a comment :)