On 11/28/06, Nadav Har'El <[EMAIL PROTECTED]> wrote:
So basically, I want to tell Linux to allow this process (or any process, for that matter) to bind any port. I tried using "capabilities", but didn't get it to work (does anyone know if this feature still exists in modern kernels??), and I tried looking for a relevant sysctl and couldn't find one (which really surprised me).
Can't think of a way either. AFAIK capabilities are a way to restrict a root process (and you can have much more fine-grained restrictions nowadays with SELinux) so they're no good in your case. How about, instead of wasting your time, settle for an IPTables-based redirection from a privileged port to an unprivileged one? (That's what's suggested in http://www.linux.org.mt/article/tomcat-ports)
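A sketch of the iptables redirection suggested in the reply above, as an added example that is not part of the original thread or the linked article. Ports 80 and 8080 and the function names `redirect_rules` and `apply_rules` are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: redirect a privileged port to the unprivileged port the
# service really listens on. Both port numbers are assumed values.
PRIV_PORT=80
UNPRIV_PORT=8080

# Print the nat-table rule specs, one per line.
# PREROUTING handles connections arriving from other hosts.
# OUTPUT handles connections made on this host to a local address;
# those never traverse PREROUTING, so they need their own rule.
redirect_rules() {
    priv=$1
    unpriv=$2
    echo "PREROUTING -p tcp --dport $priv -j REDIRECT --to-ports $unpriv"
    echo "OUTPUT -o lo -p tcp --dport $priv -j REDIRECT --to-ports $unpriv"
}

# Install each rule unless an identical one is already present
# (-C checks for the rule, -A appends it). Requires root.
apply_rules() {
    redirect_rules "$1" "$2" | while read -r spec; do
        # $spec is left unquoted on purpose so it splits into arguments
        iptables -t nat -C $spec 2>/dev/null || iptables -t nat -A $spec
    done
}

# Nothing is changed unless APPLY=1 is set; the default is a dry run
# that prints the commands that would be executed.
if [ "${APPLY:-0}" = 1 ]; then
    apply_rules "$PRIV_PORT" "$UNPRIV_PORT"
else
    redirect_rules "$PRIV_PORT" "$UNPRIV_PORT" | sed 's/^/iptables -t nat -A /'
fi
```

The unprivileged port stays bindable by any local user, so if the service is not running another process on the host can take that port and receive the redirected traffic.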