Richard Megginson wrote:
Steve Rigler wrote:
> On Wed, 2007-06-13 at 09:21 -0600, Richard Megginson wrote:
>
>> Steve Rigler wrote:
>>
>>> Is it possible to configure the admin server to use the standard https
>>> port? The documentation states that reserved ports can't be used, but
>>> if the admin server runs as root is this really an issue?
>>>
>> What version of Fedora DS? Note that the standard Apache used on
>> most linux platforms will not even allow you to run as root.
>>
>
> This is 1.0.4 on RHEL 4. The issue is that when I try to configure the
> admin server to use a reserved port I get a dialog stating "inadequate
> permission. Port is protected."
>
Hmm. Not sure why that is. The standard model for most unix/linux
daemons now is to startup as root, open/bind the low port number, then
setuid to a non-privileged user.
I think there is code that looks to see if the port is
available/bindable. Since admin server has already dropped priviledges
it can't change the port.
> Ideally we'd like to be able to use "Directory Server
Express" to
> provide users with the ability to reset their own passwords. Since this
> should be secure it seems like it would make more sense to run the
> service on port 443 rather than an unreserved port. I'm just stumbling
> on actually getting this part to work.
>
Why do you need to use 443? The Admin Server can serve https requests
without having to be on port 443.
You could try setting it manually in
/opt/fedora-ds/admin-serv/config/console.conf
I suspect he wants 443 because it is easier and users don't need to
remember to set a port.
rob