I have a Rails app using Jruby that I would like to deploy for production. It's using Trinidad. I would like to run as port 80 without using root. Would authbind be a reasonable choice (on Ubuntu)? What's a good way to configure it?
Asked
Active
Viewed 218 times
1 Answers
0
You are running Jruby, ie. using a JVM? authbind intercepts the standard socket library calls (eg. bind() in socket.h). Unfortunately, Java (at least java 1.6+ in my experience) does not use the standard socket libraries, but uses much lower level syscalls, so authbind does not work with Java.
If you want to run tomcat on port ie, either use nginx or apache as a reverse proxy, or use iptables to rewrite the "destination port" on incoming packets. More details in the tomcat FAQ: http://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_privileges.3F
O.B.
- 21
- 1
-
That makes sense, but I thought bind() already was a low level call. – seand Jun 19 '13 at 01:41
-
now that i think of it, my attempts at getting authbind to work with java did not include using the "--deep" option to authbind. I'd edit the tomcat start script, prepending "authbind --deep" to the command that auctualy invokes the JVM. – O.B. Jun 19 '13 at 03:35