[lxc-users] CAP_SETFCAP effective capability

István Király LaKing at D250.hu
Wed Jul 30 19:40:58 UTC 2014


Hi folks, ..

I'm trying to figure out what the proper method will be to use node.js as
web server.
The problem is, that node, when run as user, can not bind to port 80, or
ports lower then 1024.

I would like to give the container permission to bind node to port 80, and
eventually 443.

[root at dev node-project]# setcap cap_net_bind_service=+ep /usr/bin/node
unable to set CAP_SETFCAP effective capability: Operation not permitted

I can run this command on the host, and set file capabilities on the host
for node in the rootfs of the container, but that seems to have no effect
on the container's node instance.

Anyone with more expertise has any suggestion?

... Yes, I know I can set my reverse proxy, but I would like to have node
on these ports, so i can use them directly on an IPv6 enabled network.

.. and yes, I know that port forwarding is another option.

Thank you. .)

-- 
Király István
+36 209 753 758
LaKing at D250.hu
<http://d250.hu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140730/ff11e1a8/attachment.html>


More information about the lxc-users mailing list