Synchronet v3.19b-Win32 (install) has been released (Jan-2022).

You can donate to the Synchronet project using PayPal.

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
faq:nix [2018/02/13 12:41] – [Ports Below 1024 Without Root On Linux] Add reference to Linux non-root page deucefaq:nix [2020/11/14 11:19] – Create Linux-recycle FAQ digital man
Line 18: Line 18:
   * [[#SELinux|What does nothing work with SELinux]]?   * [[#SELinux|What does nothing work with SELinux]]?
   * [[#Disk space|How much disk space is required]]?    * [[#Disk space|How much disk space is required]]? 
-  * [[#TermType|What does an ''unknown terminal'' error indicate]]? +  * [[#Terminal Type|What does an ''unknown terminal'' error indicate]]? 
-  * [[#ports_below_1024_without_root_on_linux|How can bind to ports below 1024 without being root on Linux]]?+  * [[#tempnam warning|Why do I get a warning about use of ''tempnam'' when compiling]]? 
 +  * [[#SDL Errors|How do work around SDL 1.2 run-time errors]]? 
 +  * [[#Recycle|Why does the recycling of servers/services not work]]?
      
 ===== Flavors ===== ===== Flavors =====
Line 170: Line 172:
  
 **Answer:**\\    **Answer:**\\   
-A fresh install (as of Feb-2009) requires about 70MBytes+A fresh install (as of Mar-2020from source code, requires about 500MBytes of space
-Much of the space consumed is in the form of intermediate build files which +Much of the space consumed is in the form of intermediate build files which may be removed after the build is complete if space is a concern.
-may be removed after the build is complete if space is a concern.+
  
  
Line 193: Line 194:
 To elaborate, [[util:SBBSecho]] uses ''tempnam'' for a specific purpose, which ''mkstemp'' does not do. Additionally ''mkstemp'' is not available in all the C libraries for all the platforms for which Synchronet is built. The //dangers// of ''tempnam'' do not apply to SBBSecho's use of the function. To elaborate, [[util:SBBSecho]] uses ''tempnam'' for a specific purpose, which ''mkstemp'' does not do. Additionally ''mkstemp'' is not available in all the C libraries for all the platforms for which Synchronet is built. The //dangers// of ''tempnam'' do not apply to SBBSecho's use of the function.
  
-===== Ports Below 1024 Without Root On Linux =====+===== SDL errors =====
 **Question:**\\ **Question:**\\
-How can bind to network ports below 1024 as non-root user on Linux?+How do work around SDL_main errors (e.g. ''No protocol specified'' followed by ''segmentation fault'') that prevent Synchronet applications (e.g. [[util:SCFG]], [[util:EchoCFG]], [[monitor:umonitor]], etc.) built with SDL 1.2 from running? 
 +<code> 
 +$ /sbbs/exec/scfg 
 +No protocol specified 
 +No protocol specified 
 +No protocol specified 
 +Segmentation fault (core dumped) 
 +</code>
  
 **Answer:**\\ **Answer:**\\
-By default, Linux does not allow non-root processes to bind to ports below 1024.  This was done as a security measure, although some argue that the reasons for this are obsolete.  It is often a bad practice to run processes as root unless it's really necessary to do so, and perhaps even more so with an Internet-accessible server.  Thusit is often desirable to run servers on standard ports (below 1024) as a non-root user.  You can do so with the setcap command.  For example:\\ +Double check that you can run X applications (e.g. ''xterm'', ''xeyes''and if you cannotyou may need to grant X access to other user accounts with command like
-  setcap cap_net_bind_service=+ep /sbbs/exec/sbbs+  xhost +SI:localuser:<username> 
 +executed before switching to another user account (e.g. with ''su'' or ''sudo'').
  
-For more information, see the following:\\ +Work-arounds: 
-[[howto:linux_non-root]]\\ +  - Clean re-build all of Synchronet without SDL support (include ''WITHOUT_SDL=1'' on the ''make'' command-lines or in your ''localdefs.mk'' file) 
-[[https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux|StackOverflowIs there a way for non-root processes to bind to “privileged” ports on Linux?]]\\ +  - Set the ''SDL_VIDEODRIVER'' environment variable to the value of ''dummy'' (e.g. ''EXPORT SDL_VIDEODRIVER=dummy'') before executing the program 
-[[https://www.jumpingbean.co.za/blogs/mark/run-application-port-below-1024-linux|How to bind to ports below 1024 without being root on Linux?]]\\ + 
-[[https://www.staldal.nu/tech/2007/10/31/why-can-only-root-listen-to-ports-below-1024|Why can only root listen to ports below 1024?]]+===== Recycle ===== 
 +**Question:**\\ 
 +Why do my servers/services fail to recycle when I set the node-recycle flag (e.g. saving changes in [[util:SCFG]]) or when touching [[config:semfiles]]? 
 + 
 +**Question:**\\ 
 +What do the following warning-level log messages indicate? 
 +  Disabling Terminal Server recycle support 
 +  Disabling FTP Server recycle support 
 +  Disabling Web Server recycle support 
 +  Disabling Mail Server recycle support 
 +  Disabling Services recycle support 
 +   
 +**Answer:**\\ 
 +Recycle support can be disabled manually be setting the ''NO_RECYCLE'' ''Options'' flag in one or more server sections of your ''[[config:sbbs.ini]]'' file. The log warning messages above indicate that the BBS automatically set this option flag because it was: 
 +  Configured to bind-to/listen-on TCP ports < 1024 (the so-called "reserved" ports
 +  **and** the BBS was configured to change the current user-id in the ''[[config:sbbs.ini#UNIX]]'' section of ''[[config:sbbs.ini]]'' 
 +  **and** the BBS could not dynamically set the bind capabilities using the Linux "Capabilities" syscall interface. 
 + 
 +The solution is to remove the ''User'' and ''Group'' settings from the ''[[config:sbbs.ini#UNIX]]'' section of ''[[config:sbbs.ini]]'' and the follow the instructions [[howto:Linux_non-root|here]] for running the BBS on Linux as a non-root user.
  
 ===== See Also ===== ===== See Also =====

Trace: