github/vim-ale
1
0
Fork 0
mirror of https://github.com/webinstall/webi-installers.git synced 2026-02-14 17:49:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: add setcap-netbind

Browse Source
This commit is contained in:
Ryan Burnette
2021-07-25 10:50:55 -04:00
committed by AJ ONeal
parent 75bb6914e2
commit 46af5a3ca3
5 changed files with 55 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
setcap-netbind/README.md Normal file
View File

@@ -0,0 +1,23 @@
---
title: setcap-netbind
homepage: https://github.com/webinstall/webi-installers/setcap-netbind/README.md
tagline: |
setcap-netbind: Give a binary the ability to bind to privileged ports.
---
setcap-netbind will grant the specified program the ability to listen on
privileged ports, such as 80 (http) and 443 (https) without root privileges or
sudo. It seeks out the specified binary in your path and reads down symlinks to
make usage as painless as possible.
## Cheat Sheet
```bash
sudo setcap-netbind node
```
This is the same as running the full command:
```bash
sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which node))
```

10
setcap-netbind/install.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/bash
{
set -e
set -u
rm -f "$HOME/.local/bin/setcap-netbind"
webi_download "$WEBI_HOST/packages/setcap-netbind/setcap-netbind.sh" "$HOME/.local/bin/setcap-netbind"
chmod a+x "$HOME/.local/bin/setcap-netbind"
}

17
setcap-netbind/setcap-netbind.sh Normal file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
{
set -e
set -u
my_bin="$1"
if [ -z "$(which $my_bin)" ]; then
echo "'$my_bin' not found"
exit 1
fi
my_sudo=""
if [ -n "$(command -v sudo)" ]; then
my_sudo=sudo
fi
$my_sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which $my_bin))
}

8
vps-utils/README.md
View File

@@ -8,16 +8,16 @@ tagline: |
## Cheat Sheet
> VPS Utils includes shortcut commands for some common tasks, including
> `cap-net-bind`, 'vps-addswap', and 'myip'
> `setcap-netbind`, 'vps-addswap', and 'myip'
**cap-net-bind**:
**setcap-netbind**:
`cap-net-bind` will give the specified program the ability to listen on
`setcap-netbind` will give the specified program the ability to listen on
privileged ports, such as 80 (http) and 443 (https) without `root` privileges or
`sudo`.
```bash
sudo cap-net-bind node
sudo setcap-netbind node
```
This is the same as running the full command:

17
vps-utils/cap-net-bind.sh
View File

@@ -1,17 +0,0 @@
#!/bin/bash
{
set -e
set -u
my_bin="$1"
if [ -z "$(which $my_bin)" ]; then
echo "'$my_bin' not found"
exit 1
fi
my_sudo=""
if [ -n "$(command -v sudo)" ]; then
my_sudo=sudo
fi
$my_sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which $my_bin))
}

1
vps-utils/cap-net-bind.sh Symbolic link
View File

@@ -0,0 +1 @@
../setcap-netbind/setcap-netbind.sh