On all Linux systems, you need to be root to bind to ports lower than 1024.
Here are a couple of ways you could handle this:
cap_net_bind_service capability
You can grant your application the cap_net_bind_service capability.
For this to work, the filesystem on which the executable resides needs to support capabilities.
setcap 'cap_net_bind_service=+eip' /path/to/executable
You can also launch the process as a systemd service with AmbientCapabilities.
[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
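To confirm that either method took effect, the following added example (not part of the original page) reads the CapEff mask from /proc/<pid>/status text and reports whether the process holds only CAP_NET_BIND_SERVICE. The function names and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a process by its effective capability mask.
# CAP_NET_BIND_SERVICE is capability number 10 (linux/capability.h).
NET_BIND_MASK=$((1 << 10))

# Print the hex value of one Cap* field from status text on stdin.
cap_field() {
    awk -v key="$1:" '$1 == key { print $2; exit }'
}

# Classify an effective-capability hex mask:
#   ok       only CAP_NET_BIND_SERVICE is set
#   excess   CAP_NET_BIND_SERVICE plus others (for example, running as root)
#   missing  CAP_NET_BIND_SERVICE is absent
classify_mask() {
    mask=$((0x$1))
    if [ "$mask" -eq "$NET_BIND_MASK" ]; then
        echo ok
    elif [ $((mask & NET_BIND_MASK)) -ne 0 ]; then
        echo excess
    else
        echo missing
    fi
}

# Classify a process from /proc/<pid>/status text on stdin.
classify_status() {
    eff=$(cap_field CapEff)
    [ -n "$eff" ] || { echo unknown; return 0; }
    classify_mask "$eff"
}

# Constructed sample: non-root service with the single ambient capability.
SAMPLE_SERVICE='Name: myapp
Uid: 990 990 990 990
CapInh: 0000000000000400
CapPrm: 0000000000000400
CapEff: 0000000000000400
CapBnd: 000001ffffffffff
CapAmb: 0000000000000400'

# Constructed sample: the same program started as root.
SAMPLE_ROOT='Name: myapp
Uid: 0 0 0 0
CapEff: 000001ffffffffff'

printf '%s\n' "$SAMPLE_SERVICE" | classify_status
printf '%s\n' "$SAMPLE_ROOT" | classify_status
# Live process: classify_status < /proc/<pid>/status
```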
You can start your application on a higher port.
Then set up firewall rules to forward traffic from the lower port to the higher port.
firewall-cmd --add-forward-port=port=443:proto=tcp:toport=8443
Use the --permanent flag for persistence.