| ECS Home Automation and Security Archives |
| Subject: From: Date: | RE: [ecs] bind err Rob Hicks Sat, 1 Nov 2003 08:08:17 -0700 |
Sat, 1 Nov 2003 08:08:17 -0700
Mark,
I'm not running ECS Linux right now because of the serial port issue I
experienced. I'm still trouble shooting this. And, I have always been trying
to run as root.
I just tried to run ecs without root privileges. Here's how my ecs directory
is set up:
ecs/ ownership root.root
ecs/ privileges drwxrwxrwx
ecs/bk/ privileges drwxrwxrwx
ecs/ecs.bin privileges r-xr-xr-w
ecs/*.log privileges rwxrwxrwx
I don't know if that is correct but that is the way that I set it.
When ECS runs as a normal user, it does the following:
[rob@stealth ecs]$ ./ecs.bin
11/01 08:04:31 S EXE:cmd=cp main.log ./bk/main.log.35 dsp=0
11/01 08:04:31 ECS 2.3.06
11/01 08:04:31 S EXE:cmd=cp err.log ./bk/err.log.33 dsp=0
sh: line 1: fdisk: command not found
11/01 08:04:31 ERROR:PC ID:Err 1
11/01 08:04:31 Close Web-Server
11/01 08:04:31 Destruct objects
11/01 08:04:31 BYE
[rob@stealth ecs]$
What is it trying to do with fdisk? That seems like a strange thing to be
doing. Fdisk is normally not in a path where a normal user can run it since
they can destroy or modify partitions.
Rob
+1.801.836.0904
rob.hicks@comcast.net
-----Original Message-----
From: Mark Gilmore [mailto:mark@markgilmore.net]
Sent: Saturday, November 01, 2003 6:12 AM
To: ecs@netbloc.com
Subject: Re: [ecs] bind err
Sorry - I'm trying to bind to listen address 127.0.0.1:80 (or 89).
Is no one else getting this error running ECS/Linux (as a normal user) ?
I had not seen it until now, as I have been logging is as root
(until I get *other* problems addressed).
At 09:21 PM 10/31/2003 -0800, you wrote:
>Hi Mark,
>
>I'm not sure what you mean by a "bind error". Are you talking about BIND
>as in DNS server, or about binding to a port address to listen on it? If
>it is the latter, which port number are you trying to bind to? Do be
>aware that in Unix, only root can bind to ports below 1024. This is for
>security reasons; it is one of the reasons Linux is inherently more
>secure than Windows.
>
>There is a solution to this, but it only works for daemons, not for
>regular applications: servers such as Apache, Sendmail, etc. start up as
>root (like anything else that is launched during startup), bind to the
>port they need (for instance, 25 for Sendmail, 80 and 443 for Apache),
>and then, once the port is open, they change user ID so that even if
>somebody hacks into the server, the hacker won't have root access. The
>system function to accomplish this are setuid.
>
>On Fri, 2003-10-31 at 12:48, Mark Gilmore wrote:
> > Might anyone know how to get around a bind error on 127.0.0.1
("permission
> > denied").
> > It works fine as a superuser, so I know it's a privilege problem.
> > Thanks,
> >
> > Mark Gilmore
> > http://OmnipotenceSoftware.com
> >
> >
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.528 / Virus Database: 324 - Release Date: 10/16/2003
>
>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.528 / Virus Database: 324 - Release Date: 10/16/2003
Mark Gilmore
http://OmnipotenceSoftware.com