[Fedora-packaging] systemd and privileged ports
T.C. Hollingsworth
tchollingsworth at gmail.com
Thu Jul 18 10:04:30 UTC 2013
On Thu, Jul 18, 2013 at 2:21 AM, Daniel Pocock <daniel at pocock.com.au> wrote:
>
> Hi,
>
> In my blog the other day, I noted that upcoming versions of my package
> will be able to bind on port 443 (to provide TLS protected SIP over
> WebSockets)
>
> I've made upstream changes so the process can be started as root and
> drop privileges after binding.
>
> Somebody commented that I can use systemd to create the socket though.
> Looking at the man pages very briefly, I have the impression that this
> is only relevant to processes that spawn a new process to handle each
> client and that processes handling multiple clients can't take advantage
> of this.
>
> Is that correct? Or can systemd pass in a listening socket that has not
> received any connection yet?
systemd can do the inetd-style activation you speak of, pass you a
listening socket when starting on boot, or even wait until a
connection is initiated before starting you.
These explain what you need to do to implement the latter two in a daemon:
http://0pointer.de/blog/projects/socket-activation.html
http://0pointer.de/blog/projects/socket-activation2.html
Or if inetd is what you really want:
http://0pointer.de/blog/projects/inetd.html
-T.C.
More information about the packaging
mailing list