1

So I'd like to switch to port 80 in my development environment, but rails server makes this tough.

rvmsudo bundle exec rails server thin -p 80 works fine, but litters my environment with sass cache and other temporary files, all root-permissioned, which means I pretty much have to do everything as root, which is a Very Bad Thing.

thin start -p 80 -u me -g staff -e development doesn't work; thin seems to drop permissions before binding the port (?!). Even if it did work, this wouldn't do; rails server provides much richer logging for development.

To be clear, I'm well aware that binding port 80 requires root. The ideal solution would drop permissions down to a user/group that I specify after binding port 80, as every server in the last 20 years has been able to do. Is this really not possible to do with rails server? I can't find any documentation on it.

bhuga
  • 1,292
  • 1
  • 14
  • 24
  • You probably won't be able to do this; the naive Rails server process expects to be run exactly as the user you're running it as, which will lead to weird permission problems (as you've found) when run as root. Instead of doing that, though, have you considered an alternative? [pow](http://pow.cx/) binds to named routes that respond on port 80, allowing you to go to http://mapp.dev/ and be directed immediately to your application. – Veraticus May 17 '12 at 17:04
  • I have not been able to figure out how pow works; there's so much magic that the documentation doesn't tell me what's going on. But reading it again just now at your suggestion, it seems to do its magic with `ipfw`, which I've manually used to solve my problem for now. So this is worth a check mark if you post an answer, in my book, if nobody posts a more `rails server` centric answer within a day or two. – bhuga May 17 '12 at 17:16
  • Did you consider using a webserver (for example apache or nginx) as transparent proxy instead? You are then able to run your app as an unprivileged user but access it through port 80. – iltempo May 17 '12 at 21:17
  • I did consider that, but I hate adding moving parts to my dev setup, especially as I do, in a few places, use things like client IP addresses that introduce potential bugs when adding a proxy, as one needs to start paying attention to x-whatever headers. It seems such a ridiculous kludge to have to add a proxy specifically for the port 80 of it all: after all, it's not like I need to run nginx or apache as root! `ipfw` seems to be doing the trick and introduces fewer potential complexities. – bhuga May 18 '12 at 06:36

0 Answers0