| View previous topic :: View next topic |
| Author |
Message |
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
 Posted: Sun Mar 31, 2024 9:59 am Post subject: transmission-daemon service will not listen to port 80[solv] |
 |
|
I have changed the settings under /var/lib/transmission/config/settings.json to:
transmission-daemon service will start but I will not find any binaries listening on port 80:
| Code: | | samsung /var/lib/transmission/config # netstat -lptun | grep 80 |
if I run the same command in the service file from the terminal, transmission starts listening ot port 80(the service is also configured to run as the user adel):
adel@samsung ~ $ /usr/bin/transmission-daemon --log-level info -f --log-level=error -p 80
samsung /var/lib/transmission/config # netstat -lptun | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 34751/transmission-
how can I get the service to start transmission-daemon listening to port 80?
Last edited by Adel Ahmed on Wed Apr 10, 2024 11:36 am; edited 2 times in total |
|
| Back to top |
|
 |
flexibeast
Guru
Joined: 04 Apr 2022
Posts: 324
Location: Naarm/Melbourne, Australia
|
| Posted: Mon Apr 01, 2024 2:36 am Post subject: |
|
|
| i don't use Transmission myself, but are there any errors reported in the log file (by default, `/var/log/transmission/transmission.log`)? |
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Mon Apr 01, 2024 8:08 am Post subject: |
|
|
I can't really tell where the problem is:
| Code: | [2024-04-01 10:06:14.275] inf session.cc:646 Transmission version 4.0.3 (6b0e49bbb2) starting (session.cc:646)
[2024-04-01 10:06:14.276] inf session.cc:404 Listening to incoming peer connections on [0.0.0.0]:51413 (session.cc:404)
[2024-04-01 10:06:14.276] inf port-forwarding.cc:215 State changed from 'Not forwarded' to 'Starting' (port-forwarding.cc:215)
[2024-04-01 10:06:14.276] inf tr-udp.cc:168 Bound UDP IPv4 address [0.0.0.0]:51413 (tr-udp.cc:168)
[2024-04-01 10:06:14.276] inf rpc-server.cc:763 Added '127.0.0.1' to host whitelist (rpc-server.cc:763)
[2024-04-01 10:06:14.276] inf rpc-server.cc:763 Added '::1' to host whitelist (rpc-server.cc:763)
[2024-04-01 10:06:14.276] inf rpc-server.cc:907 Serving RPC and Web requests on 0.0.0.0:80/transmission/ (rpc-server.cc:907)
[2024-04-01 10:06:14.276] inf rpc-server.cc:912 Whitelist enabled (rpc-server.cc:912)
[2024-04-01 10:06:14.276] inf rpc-server.cc:923 Serving RPC and Web requests from '/usr/share/transmission/public_html' (rpc-server.cc:923)
[2024-04-01 10:06:14.276] inf daemon.cc:715 Loading settings from '/var/lib/transmission/config' (daemon.cc:715)
[2024-04-01 10:06:14.276] inf session.cc:1406 Loaded 1 torrent (session.cc:1406)
[2024-04-01 10:06:20.276] WRN public.popcorn-tracker.org:6969 Couldn't look up 'public.popcorn-tracker.org:6969': Name or service not known (-2) (announcer-udp.cc:419)
[2024-04-01 10:06:21.284] inf port-forwarding.cc:215 State changed from 'Starting' to 'Not forwarded' (port-forwarding.cc:215)
[2024-04-01 10:06:22.286] inf port-forwarding.cc:215 State changed from 'Not forwarded' to '???' (port-forwarding.cc:215)
|
|
|
| Back to top |
|
|
Zucca
Moderator
Joined: 14 Jun 2007
Posts: 3348
Location: Rasi, Finland
|
| Posted: Mon Apr 01, 2024 8:43 am Post subject: |
|
|
Which service manager do you use? Openrc, systemd, runit..?
Also I'm bit confused, you wrote about port 80, but in the end you asked for how to run on port 8080?
Normally only root can open ports below 1024. If a service need to open a port below 1024, then it must be started as root (and then later switch user to an unprivileged user, if needed). Or optionally you can start a service listening to some port over 1024 and not require root at any point. Of course then you can use nftables/iptables to map ports so that the daemon responds (also) at another port.
_________________
..: Zucca :..
Gentoo IRC channels reside on Libera.Chat.
--
| Quote: | | I am NaN! I am a man! |
|
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Mon Apr 01, 2024 9:00 am Post subject: |
|
|
I'm using systemd.
yes that was a mistake, i meant I wanted to run it on port 80.
running using non root should not be a problem, I can run transmission daemon from a non-root user listening on port 80:
| Code: | adel@samsung ~ $ /usr/bin/transmission-daemon --log-level info -f --log-level=error -p 80
samsung ~ # netstat -lptun | grep -i trans
tcp 0 0 0.0.0.0:51413 0.0.0.0:* LISTEN 524242/transmission
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 524242/transmission
udp 0 0 0.0.0.0:6771 0.0.0.0:* 524242/transmission
udp 0 0 0.0.0.0:51413 0.0.0.0:* 524242/transmission |
|
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21651
|
| Posted: Mon Apr 01, 2024 12:53 pm Post subject: |
|
|
| Is that warning about name resolution relevant? Are you expecting it to be able to resolve that name? Is it expected to work even when the name does not resolve? |
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Wed Apr 10, 2024 11:36 am Post subject: |
|
|
no.
what I did do was get the daemon to run as the root user, now it listens to port 80
thanks everyone |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21651
|
| Posted: Wed Apr 10, 2024 2:58 pm Post subject: |
|
|
| As Zucca said, running as non-root (technically, running without CAP_NET_BIND_SERVICE) prevents binding to port 80. Your output showing that it worked seems very strange to me. Are you sure that what you showed was really the unprivileged process listening there? There was nothing involving suid, inherited capabilities, or a similarly named root process? |
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Wed Apr 10, 2024 4:46 pm Post subject: |
|
|
| yes positive, I did apply the 'CAP_NET_BIND_SERVICE' privilege though, which explains why it was running as adel user, but not why it wasn't running as the same user via a systemd service |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21651
|
| Posted: Wed Apr 10, 2024 4:58 pm Post subject: |
|
|
| How did you apply that capability? Did the version started by systemd have access to that capability? |
|
| Back to top |
|
|
Adel Ahmed
Veteran
Joined: 21 Sep 2012
Posts: 1523
|
| Posted: Wed Apr 10, 2024 5:20 pm Post subject: |
|
|
I used the setcap command:
| Code: | setcap cap_net_bind_service+ep /usr/bin/transmission-daemon
samsung ~ # getcap /usr/bin/transmission-daemon
/usr/bin/transmission-daemon cap_net_bind_service=ep |
I see the same executable is being used in the service files:
| Code: | ExecStart=/usr/bin/transmission-daemon -f --log-level=info -p 80 --logfile /var/log/transmission.log
|
|
|
| Back to top |
|
|
|
Networking & Security
