Bind to port <1024 in jail
Eugene Grosbein
eugen at grosbein.net
Tue Aug 21 03:30:28 UTC 2018
21.08.2018 1:37, Charles Sprickman via freebsd-stable wrote:
> I am so behind on all the new toys in the system. I was very embarrassed
> to find out about this feature from someone who’s primarily working
> with Linux in his day job. He was just looking to bind an Elixir app to 80/443
> without running as root and he shared this:
>
> security.mac.portacl.rules=gid:2001:tcp:80,gid:2001:tcp:443
>
> We stuck that in sysctl.conf and that was that.
This is not so new: mac_portacl is here since 8.0-RELEASE.
> I wish FreeBSD still had the evangelism folks that would go out and
> tell the userbase and anyone else that would listen about all the cool
> new stuff. :)
Well, we still have Release Notes for every major or minor release.
Get a habit reading it once a release and you'll know it all.
More information about the freebsd-stable
mailing list