非root用户,启动绑定80端口的nccloud1909报错java.net.BindException: Permission denied (Bind failed)
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-80]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-80]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:560)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:840)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.tomcat.granite.BrightTomcat.start(BrightTomcat.java:184)
at nc.bs.tomcat.startup.Bootstrap.start(Bootstrap.java:250)
at nc.bs.tomcat.startup.BootStrapTomcatService.run(BootStrapTomcatService.java:78)
at nc.bs.tomcat.startup.BootStrapTomcatService.startServer(BootStrapTomcatService.java:59)
at nc.bs.mw.fm.ServiceManager.startService(ServiceManager.java:314)
at nc.bs.mw.fm.ServiceManager.startService(ServiceManager.java:239)
at nc.bs.mw.fm.ServiceManager.access$3(ServiceManager.java:237)
at nc.bs.mw.fm.ServiceManager$1.run(ServiceManager.java:200)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 12 more
Caused by: java.net.BindException: Permission denied (Bind failed) <null>:80
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:413)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:728)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:452)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119 )
at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
... 13 more
Caused by: java.net.BindException: Permission denied (Bind failed)
at java.net.PlainSocketImpl.socketBind(Native Method)
at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376)
at java.net.ServerSocket.bind(ServerSocket.java:375)
at java.net.ServerSocket.<init>(ServerSocket.java:237)
at java.net.ServerSocket.<init>(ServerSocket.java:181)
at org.apache.tomcat.util.net.DefaultServerSocketFactory.createSocket(DefaultServerSocketFactor y.java:49)
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
... 17 more
没有找到相关结果
已邀请:
1 个回复
nccloud
Linux下,限制非ROOT用户启动监听1024以下的端口的服务。可以 改为8080/8443等1024以上的端口, 用命令进行端口绑定。
以centos7为例。可以如下操作实现非root用户启动,应用绑定80端口。
1、修改nccloud启动绑定端口为8080
2、启动防火墙
3、 添加端口开放(包括SSH等其他服务器本来开放的端口,这里要同步设置--permanent表示永久开放)
3、添加端口80转发到8080
4、添加完成后查看已开放的端口
5、允许防火墙伪装ip (这个我实际没执行)
6、更新规则使配置生效
其他
查看当前zones
zone 这个参数是做什么的
zone的概念:硬件防火墙默认一般有三个区,firewall引入这一概念系统默认存在以下区域:
drop:默认丢弃所有包
block:拒绝所有外部连接,允许内部发起的连接
public:指定外部连接可以进入
external:这个不太明白,功能上和上面相同,允许指定的外部连接
dmz:和硬件防火墙一样,受限制的公共连接可以进入
work:工作区,概念和workgoup一样,也是指定的外部连接允许
home:类似家庭组
internal:信任所有连接