Thursday, 26 January 2012

Running IBM HTTP Server as non-root on UNIX

This has come up a few times in conversation, so I thought I'd share it again here.

Question

Is it possible to run IBM HTTP Server as a non-root process on UNIX systems?

Answer

Applications running as users other than root are normally prevented from binding to (listening on) low-numbered ports on Unix and Linux systems. Low-numbered ports are those ports below 1024. The standard ports for most popular Internet protocols, including HTTP and HTTPS, are low-numbered ports.

It is possible to run IBM HTTP Server as a non-root process on a UNIX system, but when doing so, use only nonstandard ports above 1024. The following are some snippets from the httpd.conf file showing the directives necessary to do this. After making these changes, stop and restart the server for the changes to take effect.

This Technote - Running IBM HTTP Server as non-root on UNIX - covers in more detail.

Enjoy :-)

No comments:

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...