0

I have a snap application.

I'd like to run it on port 80 within ghci for local debugging purposes. Normally I'd run sudo ./main -p 80 on the compiled binary to achieve this, but within ghci I get a permission denied.

*Main> :main -p 80
Initializing app @ /
Initializing heist @ /heist
...loaded 35 templates from /Users/dmj/blah/templates
Initializing CookieSession @ /sess

Listening on http://0.0.0.0:80/
Error on startup:
bind: permission denied (Permission denied)

Shutting down...

It works on non-privileged ports.

*Main> :main -p 8000
Initializing app @ /
Initializing heist @ /heist
...loaded 35 templates from /Users/dmj/blah
Initializing CookieSession @ /sess
Initializing db @ /auth
Initializing acid-state @ /acid

Listening on http://0.0.0.0:8000/
mightybyte
  • 7,282
  • 3
  • 23
  • 39
The Internet
  • 7,959
  • 10
  • 54
  • 89
  • Why do you want to run it on port 80 if you're planning to debug it? – Cubic Jan 02 '14 at 12:45
  • @Cubic, I am tricking my localhost into believing it is actually a domain I have purchased (`/etc/hosts` trick). I am forcing all http traffic to https and am dealing w/ file uploads to s3 that only work w/ proper domain name origins in the request. It's hard to test all that w/o using 80. – The Internet Jan 02 '14 at 12:49
  • 1
    Did you actually run `sudo ghci`? It's not clear from your description. – Tom Ellis Jan 02 '14 at 12:55
  • But do you really need to run it in GHCi to test it, though? I don't understand why you can't test it outside of GHCi. But if you really need to, maybe you could run GHCi as sudo. – mhwombat Jan 02 '14 at 12:56
  • @mhmwombat I have many dependencies and it takes a long time to cabal build clean and run. – The Internet Jan 02 '14 at 12:58
  • 1
    @TomEllis, that is a solution, but I'm inside haskell-mode emacs and invoking ghci is done w/ `C-c C-l` and on an unprivileged port. I might edit the elisp to add sudo, or port forward 8000 to 80 – The Internet Jan 02 '14 at 12:58
  • 1
    There's no way to change your effective userid to root. You need to start your ghci (or emacs) with sudo. – augustss Jan 02 '14 at 14:11
  • @TheInternet, you don't have to edit elisp files manually - you can just do M-x customize, then search for "haskell program name", then change it from "ghci" to "sudo ghci" or something like that. – aemxdp Jan 02 '14 at 15:27
  • @apsk, I tried that, apparently changing 'ghci' to 'sudo ghci' doesn't respect the sandbox I'm in, so compilation breaks. Using hsenv. – The Internet Jan 02 '14 at 15:39
  • @TheInternet, I'm using cabal 1.18's native sandboxing, and "sudo ghci -no-user-package-db -package-db .cabal-sandbox/x86_64-linux-ghc-7.6.3-packages.conf.d" works for me. – aemxdp Jan 02 '14 at 15:47

1 Answers1

2

See this post for another way: Is there a way for non-root processes to bind to "privileged" ports on Linux?

sudo setcap 'cap_net_bind_service=+ep' /usr/bin/ncat

Just substitute '/usr/bin/ncat' for your full path to ghci, and it should work.

(I am sure you have been nagged many times about how bad an idea it is to do any prolonged work as root.... Also, this is a Linux specific solution, so if you are working on a Mac or other *nix, this won't work for you).

Community
  • 1
  • 1
jamshidh
  • 12,002
  • 17
  • 31