On Linux, if you want to open a port less than 1025, you normally need to run as root. Running a web application (runs on port 80/443, in the above range) entirely under root user is really dangerous and is obviously not recommended.
Most of web servers only run a master process as root and delegates works to other helper processes which run with lower privileges to perform. But Node.js runs with single-process model, then if you plan to run Node.js in Linux systems it’s a little bit tricky to deal with the port issue.
Fortunately, on modern releases of Linux, you can use capabilities setting to work out of that. You only need the root access to install and setup the capabilities setting to tell the system to allow Node.js binding services on low ports ( port # < 1025)
Commands to do that are very straight forward and simple:
Install the capabilities tool:
$ sudo apt-get install libcap2-bin</i>
Grant Node.js to bind services on low ports:
$ sudo setcap cap_net_bind_service=+ep <Path to Node.js> Eg: /usr/nodejs/bin/node
And now you can run node.js without having to sudo to root
But what if you already installed and run your application under root, and you want to switch everything over to a lower privileged user? That’s also quite easy with following steps:
- Create a new user
$ useradd node_app -G nodegroup
$ cp -R /path/to/the/app /new/destination/
$chown -R node_app:nodegroup /new/destination/
$chown -R node_app /user/nodejs