Text only | Text with Images

Artix Linux Forum

Artix Linux => Installation / Migration / Configuration => Topic started by: bzb on 08 July 2024, 00:23:12

Title: alternative solution for allowing dnscrypt-proxy to bind to port 53 without root
Post by: bzb on 08 July 2024, 00:23:12
reference: https://wiki.artixlinux.org/Main/Dnscrypt-proxy

the following command allows dnscrypt-proxy to bind to port 53 without running as root:
Code: [Select]
sudo setcap cap_net_bind_service=+ep $(which dnscrypt-proxy)

this approach is also recommended for allowing caddy to bind to e.g. port 443:
https://github.com/caddyserver/caddy
Quote
When you run Caddy, it may try to bind to low ports unless otherwise specified in your config. If your OS requires elevated privileges for this, you will need to give your new binary permission to do so. On Linux, this can be done easily with: sudo setcap cap_net_bind_service=+ep ./caddy

with this approach, no further modifications are necessary to the default configuration, i.e. it is not necessary to run dnscrypt-proxy as root.
Text only | Text with Images