Node.js在侦听http 80端口时出现EACCES错误（拒绝权限） [英] Node.js EACCES error when listening on http 80 port (permission denied)

问题描述

Node.js在http端口80（默认端口）上运行时会抛出以下错误： -

Node.js throws following error while running on http port 80 (default port):-

Error: EACCES, Permission denied
    at Server._doListen (net.js:1062:5)
    at net.js:1033:14
    at Object.lookup (dns.js:132:45)
    at Server.listen (net.js:1027:20)
    at [object Context]:1:3
    at Interface.<anonymous> (repl.js:150:22)
    at Interface.emit (events.js:42:17)
    at Interface._onLine (readline.js:132:10)
    at Interface._line (readline.js:387:8)
    at Interface._ttyWrite (readline.js:564:14)

我想出该节点需要root访问。

I figured out that node needs to have root access.

通常我们避免在正常情况下进行root访问。在端口80（或端口< 1024）上使用它的最佳做法是什么。

Conventionally we avoid giving root access in normal situation. What's the best practices for using it on port 80 (or port<1024).

这个链接具有相同的问题，但它只有一个答案即PREROUTING。虽然我的解决方案也提供其他方式。

This link has the same question but it has only one answer i.e. PREROUTING. While my solution provides other ways as well.

我正在写一个这样的一个地方的所有答案，因为我必须彻底的其他资源比PREROUTING。为什么不在一个地方分享知识的所有答案？

I am writing this to have all answers at one location, as I have to go thorough other resources than PREROUTING. Why not all answers at one location for sharing the knowledge

推荐答案

FYI：您不能在端口上运行套接字& 1024，具有正常的用户权限。您需要具有根访问权限。

FYI: You cannot run socket on ports < 1024 with normal user permission. You need to have root access for it.

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000

然后在端口3000上启动我的Node.js。对端口80的请求将获得映射到端口3000。

Then launch my Node.js on port 3000. Requests to port 80 will get mapped to port 3000.

您还应该编辑/etc/rc.local文件，并将该行减去sudo。这将在机器启动时添加重定向。您不需要在/etc/rc.local中使用sudo，因为在系统启动时，这些命令将以root身份运行。

You should also edit your /etc/rc.local file and add that line minus the sudo. That will add the redirect when the machine boots up. You don't need sudo in /etc/rc.local because the commands there are run as root when the system boots.

参考链接

目标： - 我们没有提供完整的根访问权限，只允许普通用户访问socket_root权限来运行服务器任何端口。

Objective:- We are not providing full root access and only giving socket_root permission to access it by normal user to run your server on any port.

我们不希望以root用户身份运行应用程序，但有一个困难：您的安全用户没有使用默认HTTP端口的权限（80）。您的目标是通过浏览易于使用的网址（如 http：// localhost ）来发布访问者可以使用的网站。

we do NOT want to run your applications as the root user, but there is a hitch: your safe user does not have permission to use the default HTTP port (80). You goal is to be able to publish a website that visitors can use by navigating to an easy to use URL like http://localhost.

不幸的是，除非您以root用户身份登录，否则通常必须使用 http：// localhost：3000 之类的URL - 注意端口号码。

Unfortunately, unless you sign on as root, you’ll normally have to use a URL like http://localhost:3000 - notice the port number.

很多人被困在这里，但解决方案很简单。有几个选择，但这是我喜欢的。键入以下命令：

A lot of people get stuck here, but the solution is easy. There a few options but this is the one I like. Type the following commands:

sudo apt-get install libcap2-bin
sudo setcap cap_net_bind_service=+ep `readlink -f \`which node\``

现在，当你告诉Node应用程序你想要的它运行在80端口，它不会抱怨。

Now, when you tell a Node application that you want it to run on port 80, it will not complain.

参考链接

一般信息参考链接从apache

General Info Reference link from apache

这篇关于Node.js在侦听http 80端口时出现EACCES错误（拒绝权限）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！