I have just installed new version via apt-get.
It works fine when configured to use ports above 1024. But as soon as you add variable to /etc/default/openhab2 then “openhab” user has no permissions to run service on port 80
Can you tell me please how should I modify permissions properly to run service on port 80?
Temporarly as a workaround I’m using forwarding rule:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
port 80 is privilieged, therefore, you would have to start openHAB as root. Or simply install a proxy with port redirection. See http://docs.openhab.org/installation/security.html#nginx-reverse-proxy for details.
How can I start openHAB as a root if it is launched from systemctl?
I have already tried to add openhab user to sudo group and editing visudo permissions
You would have to change the used user for startup, but I’m not sure about the behavior of openHAB, maybe it will drop privileges anyway, so the best option is reverse proxy (and don’t forget about the security issue when starting openHAB successfully as root)
OK. In that case I think that I will stay with above iptables rule that works just fine (there is no need for reverse proxy) at least for now. I was just curious if permissions can be changed, but as you said this can cause security issue.
Thanks for quick explanation!