Richard Megginson wrote:
Steve Rigler wrote:Hmm. Not sure why that is. The standard model for most unix/linux daemons now is to startup as root, open/bind the low port number, then setuid to a non-privileged user.On Wed, 2007-06-13 at 09:21 -0600, Richard Megginson wrote:Steve Rigler wrote:What version of Fedora DS? Note that the standard Apache used on most linux platforms will not even allow you to run as root.Is it possible to configure the admin server to use the standard https port? The documentation states that reserved ports can't be used, but if the admin server runs as root is this really an issue?This is 1.0.4 on RHEL 4. The issue is that when I try to configure the admin server to use a reserved port I get a dialog stating "inadequate permission. Port is protected."
I think there is code that looks to see if the port is available/bindable. Since admin server has already dropped priviledges it can't change the port.
Why do you need to use 443? The Admin Server can serve https requests without having to be on port 443.Ideally we'd like to be able to use "Directory Server Express" to provide users with the ability to reset their own passwords. Since this should be secure it seems like it would make more sense to run the service on port 443 rather than an unreserved port. I'm just stumbling on actually getting this part to work.
You could try setting it manually in /opt/fedora-ds/admin-serv/config/console.conf
I suspect he wants 443 because it is easier and users don't need to remember to set a port.
rob
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
