Unable to bind to port 80, but running on the current shell works without any issues

Asked 16/7, 2013 at 8:48 Answered 2/7, 2014 at 17:50

ruby-on-rails capistrano sudo unicorn rvm-capistrano

I get the following error while trying to run "cap production unicorn:start"

F, [2013-07-12T04:36:18.134045 #28998] FATAL -- : error adding listener addr=0.0.0.0:80
/home/ec2-user/apps/foo_prod/shared/bundle/ruby/2.0.0/gems/unicorn-4.6.3/lib/unicorn/socket_helper.rb:147:in `initialize': Permission denied - bind(2) (Errno::EACCES)

Running the following command manually, does work without any issues. What could be the problem here?

rvmsudo unicorn_rails -c config/unicorn/production.rb -D --env production

Thomajan answered 16/7, 2013 at 8:48 Comment(0)

You need root access to bind to lower ports like port 80. Command rvmsudo executes in root context and therefore it works.

Cap task executes in a normal user context (probably deploy) depending on your configuration. You should add sudo ability to cap deploy user and make sure your cap task uses sudo to start unicorn.

Tripp answered 17/7, 2013 at 16:6 Comment(0)

Answer by @Iuri G. gives you reason and possible solution.

I have another suggestion, unless you have extremely compelling reason to run Unicorn with port 80, change that to a higher port (>1024), like 3000. This will solve your problem.

If it is an application that is exposed to public, it is too easy to overwhelm Unicorn and make your application unavailable to end users. In such a case, do put Unicorn behind a proxy (like Nginx). The proxy will be on port 80 and Unicorn on a higher port.

Marti answered 22/7, 2013 at 3:57 Comment(0)

In my development environment, using RubyMine, I ran into this recently.

I used SSH to redirect port 80 to 8080.

sudo ssh -t -L 80:127.0.0.1:8080 [email protected]

Cheetah answered 2/7, 2014 at 17:50 Comment(1)

Worked perfectly! Just remember that the tunnel will be alive until you kill it/restart the computer. – Taverner 31/8, 2017 at 21:55

I assume you are running Ubuntu as production server. On your server you need to edit your sudoers file:

First type select-editor and select nano (or another editor you feel confortable with)

Then at the bottom of the file, before the include line, add this line:

%deployer ALL=(ALL)NOPASSWD:/path/to/your/unicorn_rails

You need to replace deployer by the user name you are using with capistrano, and to replace /path/to/your/unicorn_rails with its correct path. This will allow your deployer user to "sudo unicorn_rails" without being prompt for a password.

Finally edit your unicorn:start capistrano task, and add rvmsudo ahead of your command line that start unicorn:

rvmsudo unicorn_rails -c config/unicorn/production.rb -D --env production

If it does not work you can try this instead

bundle exec sudo unicorn_rails -c config/unicorn/production.rb -D --env production

Jacquenette answered 26/7, 2013 at 0:58 Comment(0)

Recommended topics

Hot tags