This is an old revision of the document!
Freebsd Non-root
Running on FreeBSD, you can use the mac_portacl(4) framework to allow a specific user ID to bind specific reserved ports.
First, find the uid of the user you are running sbbs as. Assuming the user name is “sbbs”:
id sbbs
.
Next, you need to edit /boot/loader.conf and add the line
mac_portacl_load="YES"
. Now, you need to add the following lines to /etc/sysctl.conf. Replace “1003” with the uid you found above:
security.mac.portacl.enabled=1 net.inet.ip.portrange.reservedhigh=0 security.mac.portacl.rules=\ uid:1003:tcp:11\ ,uid:1003:udp:11\ ,uid:1003:tcp:17\ ,uid:1003:udp:17\ ,uid:1003:tcp:18\ ,uid:1003:udp:18\ ,uid:1003:tcp:21\ ,uid:1003:tcp:22\ ,uid:1003:tcp:23\ ,uid:1003:tcp:25\ ,uid:1003:tcp:70\ ,uid:1003:tcp:79\ ,uid:1003:udp:79\ ,uid:1003:tcp:80\ ,uid:1003:tcp:110\ ,uid:1003:tcp:143\ ,uid:1003:tcp:513\ ,uid:1003:tcp:587\ ,uid:1003:tcp:843
Finally, you will need to apply the changes. Load the module using
kldload mac_portacl
then apply the sysctl.conf changes
service restart sysctl
.
Now you should be able to run SBBS as the specified user and rebind ports. Make sure you remove the User= line from the UNIX section of the sbbs.ini or you will be unable to recycle the BBS.