There
was a tool written under Debian (compartment I think it was called) which
performed the necessary functionality. It allowed you to start a process with
only a specified set of capabilities. In the case of Apache under freeVSD you
would only want to give Apache only the privileges it needs - specifically to
allow it connect to a port < 1024. I don't know if the utility has been
released under RedHat or whether you could just use the Debian
code...
Tim
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Esparza, Dan
Sent: 08 October 2001 18:38
To: [EMAIL PROTECTED]
Subject: How do I run Apache on port 80 using 2.4.x kernel?I see that the FAQ (at http://www.fubra.com/vsdfaq/ ) says that ..."...incidentally upgrading to kernel 2.4 potentially removes the problem
anyway because process capabilities would allow Apache to be started
with only sufficient privilege to allocate port < 1024, without being
given all the other root privileges."But it doesn't explain how to do this.I'm running RedHat 7.1 and for various reasons I don't want to use
iptables, so FreeVSD is currently using the redirection code provided
with FreeVSD. I'd like to run Apache (for each of the VS's) on port 80
-- like is suggested above -- but I'm not sure how to do this.Can someone point me in the right direction?What modifications will I need to make to rc.vsd, rc.conf, httpd.conf,
or other files to remove the redirection and run on port 80 on each of
the VS's?Thanks,
Dan
