Running legacy C application as non-root user


#1

We are trying to run a legacy C application as a non-root user. This application will be talking to IoT to send and receive data. When we execute the program as a non-root user, we get the error “azure-iot-sdk-c/c-utility/adapters/socketio_berkeley.c Func:lookup_address_and_initiate_socket_connection Line:283 Failure: getaddrinfo failure -3.”

We tried setting capabilities to our application using “setcap cap_net_bind_service+ep”. Still we are unable to bind to port 443.

Please let us know if there are any alternatives to successfully run our application as non-root user.

Note: We are able to successfully run our application as the root user.


#2

That makes me think that it somehow can’t access the /etc/resolv.conf file to be able to contact DNS servers.

Please look at this sample app to look for the files needed to be mounted to be able to run some network client operations from a sandbox: https://github.com/legatoproject/legato-af/blob/master/apps/sample/httpGet/httpGet.adef#L11

I’m thinking about

        // needed for networking:
        /lib/libnss_compat.so.2 /lib/
        /lib/libnss_files.so.2 /lib/
        /lib/libnss_dns.so.2 /lib/
        /lib/libresolv.so.2 /lib/
        /etc/nsswitch.conf /etc/
        /etc/hosts /etc/
        /etc/resolv.conf /etc/

in particular.
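A small diagnostic along the lines of reply #2, added here as an example (not code from the thread or from the Azure IoT SDK): run as the non-root user, it reports which of the resolver files listed above are unreadable and then calls getaddrinfo the way a TCP client would. On glibc, the -3 in the reported error is EAI_AGAIN (temporary failure in name resolution). The function names and the default hostname are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

/* Files named in reply #2 as needed for name resolution inside a sandbox. */
static const char *const resolver_files[] = {
    "/lib/libnss_compat.so.2", "/lib/libnss_files.so.2",
    "/lib/libnss_dns.so.2",    "/lib/libresolv.so.2",
    "/etc/nsswitch.conf",      "/etc/hosts",  "/etc/resolv.conf",
};

/* Count paths the calling user cannot read; report each one if out != NULL. */
int count_unreadable(const char *const *paths, size_t n, FILE *out)
{
    int missing = 0;
    for (size_t i = 0; i < n; i++) {
        if (access(paths[i], R_OK) != 0) {
            if (out) fprintf(out, "unreadable: %s\n", paths[i]);
            missing++;
        }
    }
    return missing;
}

/* Resolve host:port as a TCP client does; return getaddrinfo's result code. */
int try_resolve(const char *host, const char *port, int flags, FILE *out)
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = flags;
    int rc = getaddrinfo(host, port, &hints, &res);
    if (out) fprintf(out, "getaddrinfo(%s:%s) = %d (%s)\n", host, port, rc,
                     rc ? gai_strerror(rc) : "ok");
    if (res) freeaddrinfo(res);
    return rc;
}

int main(int argc, char **argv)
{
    /* Placeholder hostname (assumption); pass the real endpoint as argv[1]. */
    const char *host = argc > 1 ? argv[1] : "example.invalid";
    size_t n = sizeof resolver_files / sizeof resolver_files[0];
    int missing = count_unreadable(resolver_files, n, stdout);
    int rc = try_resolve(host, "443", 0, stdout);
    return (missing || rc) ? 1 : 0;
}
```

Running it once as root and once as the non-root user (or inside the sandbox) shows whether the difference is file access or the lookup itself.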


#3

Ports less than 1024 can only be opened as root. Please refer to the forum topic: [Solved]Open socket in a sandbox