Hi Markus,

Yes you're right about this being a permission issue. Good catch! I don't know what it would take to enable a non-root user to bind to a port below 1024 but we have to figure this one out to modify the installer.

Could you push a JIRA issue about this and we'll make sure we nip this in the bud on the next release. This is a high priority issue since it prevents using the server on 389 and probably on 636 with LDAPS.

Alex

On 10/5/07, Markus Pohle <[EMAIL PROTECTED]> wrote:
>
> Hi List Member,
>
> I installed ApacheDS in Version 1.5.1 on Linux (CentOS 4.3) with Sun
> JDK in Version 1.5.0_10. I used the rpm package to install ApacheDS.
>
> Right after installation I configured the server.xml for the default
> partition, that can be found under the following path:
> /var/lib/apacheds/default/conf/
>
> I configured my own partition and switched the ldap port from 10389 to
> 389 and then tried to start ApacheDS with this command:
> [EMAIL PROTECTED] conf]# /etc/init.d/apacheds start default
> Starting Apache Directory Server - default...
>
> What I get is this in the logfiles under /var/log/apacheds/default
> [17:02:23] ERROR [org.apache.directory.server.jndi.ServerContextFactory] - Failed to bind an LDAP service (389) to the service registry.
> java.net.SocketException: Permission denied
>         at sun.nio.ch.Net.bind(Native Method)
>         at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
>         at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
>         at org.apache.mina.transport.socket.nio.SocketAcceptor.registerNew(SocketAcceptor.java:365)
>         at org.apache.mina.transport.socket.nio.SocketAcceptor.access$900(SocketAcceptor.java:55)
>         at org.apache.mina.transport.socket.nio.SocketAcceptor$Worker.run(SocketAcceptor.java:224)
>         at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:39)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
>         at java.lang.Thread.run(Thread.java:595)
> [17:02:23] ERROR [org.apache.directory.daemon.Bootstrapper] - Failed on null.init(InstallationLayout, String[])
> org.apache.directory.shared.ldap.exception.LdapConfigurationException: Failed to bind an LDAP service (389) to the service registry. [Root exception is java.net.SocketException: Permission denied]
>         at org.apache.directory.server.jndi.ServerContextFactory.startLDAP0(ServerContextFactory.java:577)
>         at org.apache.directory.server.jndi.ServerContextFactory.startLDAP(ServerContextFactory.java:511)
>         at org.apache.directory.server.jndi.ServerContextFactory.afterStartup(ServerContextFactory.java:306)
>         at org.apache.directory.server.core.DefaultDirectoryService.startup(DefaultDirectoryService.java:266)
>         at org.apache.directory.server.core.jndi.AbstractContextFactory.getInitialContext(AbstractContextFactory.java:124)
>
> I think (or better I am sure) this is because all ports lower than
> 1024 behave to the root user and the script from /etc/init.d/apacheds
> tries to start the default partition as apacheds user - and this user
> is not allowed to bind port 389.
>
> Can anybody please help me with that?
> TIA
> Markus Pohle
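
The "Permission denied" on port 389 reported in this thread can be checked for before the daemon is started. The following is an added example, not part of the original messages and not ApacheDS code: a shell preflight that decides from a process's effective capability mask whether a bind to the configured port will be permitted. The function names are hypothetical, and it assumes Linux, where bit 10 of CapEff is CAP_NET_BIND_SERVICE and the privileged-port threshold is 1024 unless the ip_unprivileged_port_start sysctl says otherwise.

```shell
#!/bin/sh
# Added example, not ApacheDS code. Function names are hypothetical.
# Linux permits bind() below the unprivileged-port threshold only when the
# process holds CAP_NET_BIND_SERVICE, which is bit 10 of the CapEff mask.
CAP_NET_BIND_SERVICE_BIT=10

# can_bind PORT CAPEFF_HEX [THRESHOLD]
# Succeeds (status 0) if a process with that effective mask may bind PORT.
can_bind() {
    port=$1
    capeff=$2
    threshold=${3:-1024}
    # Ports at or above the threshold need no privilege.
    if [ "$port" -ge "$threshold" ]; then
        return 0
    fi
    # Below it, the capability bit must be set in the hex mask.
    [ $(( (0x$capeff >> $CAP_NET_BIND_SERVICE_BIT) & 1 )) -eq 1 ]
}

# Effective capability mask of this shell, from /proc/self/status.
current_capeff() {
    while read -r key value rest; do
        if [ "$key" = "CapEff:" ]; then
            echo "$value"
            return 0
        fi
    done < /proc/self/status
    return 1
}

# Threshold sysctl (newer kernels); older kernels use a fixed 1024.
current_threshold() {
    f=/proc/sys/net/ipv4/ip_unprivileged_port_start
    if [ -r "$f" ]; then cat "$f"; else echo 1024; fi
}

# preflight PORT: report whether the current process could bind PORT.
preflight() {
    if can_bind "$1" "$(current_capeff)" "$(current_threshold)"; then
        echo "ok: this process may bind port $1"
    else
        echo "denied: port $1 needs CAP_NET_BIND_SERVICE" >&2
        return 1
    fi
}

# Usage: sh preflight.sh 389   (run as the service account, e.g. apacheds)
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

Run as the account the init script switches to, it reports the denial for 389 and 636 while the default 10389 passes.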
