Thanks Mattias

I thought that the idea was that resin started as root in order to 
permit binding to the protected ports <1024
and subsequently switched to run as a different user.

Our current setup with resin2 and a single server seems to do that.

Thank you for taking the time to respond.

Can anyone from caucho clarify this?



On 28/09/2011 13:35, Mattias Jiderhamn wrote:
> To answer one part of your question:
>> Additionally the application is started as root and for the app tier we
>> use<user>  and<group>  to change the user. When we try to do the same
>> thing in the web-loadbalancer tier the application fails to start. Is
>> this normal/to be expected? Is it safe for the web-tier to be running as
>> root?
> In a *nix environment, it is likely that non-root users are not allowed
> to bind ports<  1024. That is, Resin cannot answer on HTTP (80) or HTTPS
> (443) request unless running as root. I'd recommend using port
> forwarding from 80/443 to some port>  1024 and then run Resin as non-root.
> </Mattias>
> _______________________________________________
> resin-interest mailing list


Alan Wright
Athene Systems

tel 0845 230 9803

Athene Systems Limited
Registered Office:
Shieling House
Invincible Road
GU14 7QU

Registered in England and Wales No. 3156080

resin-interest mailing list

Reply via email to