I have a daemon that must be run as root on startup.
I use pm2 to start other apps but can not figure out if it can start an app as root. Can it be done?
If not, what are my options?
Asked
Active
Viewed 5.5k times
7 Answers
43
I had problems with sudo pm2 start api, but this was since pm2 was already running without sudo privileges, therefor you need to run:
pm2 kill
sudo pm2 start api
This kills the pm2 deamon first, so that it starts in sudo, but then you need sudo for ALL pm2 commands afterwards, like: sudo pm2 ls
Elias Fyksen
- 879
- 9
- 12
-
Perfect! I had pm2 running as ubuntu user, once I ran these commands my instance of pm2 is now running as root as needed to run https on my node server using port 3000. – William Worley Jun 04 '19 at 14:31
28
If you only need your daemon to be run as root in order to access a port number (such as 80 or 443), the pm2 documentation recommends using authbind. So, if you want the user yourusername to have access to port 80, run:
$ sudo apt-get install authbind
$ sudo touch /etc/authbind/byport/80
$ sudo chown yourusername /etc/authbind/byport/80
$ sudo chmod 755 /etc/authbind/byport/80
$ authbind --deep pm2 update
And then use authbind --deep pm2 instead of pm2. The documentation suggests setting up an alias.
Rabbits
- 730
- 7
- 9
-
-
1Yes, and `apt-get` is only available on distributions based on Debian. – Rabbits Mar 01 '17 at 18:51
15
I would recommend:
sudo pm2 start index.js
OR
pm2 start 'http-server' /var/www -p 80
sudo pm2 startup
pm2 save
OR
pm2 start 'which http-server' /var/www -p 80
To start it on your HTTP Port
Also, I always put -i 0 at the end - this starts up as many worker processes as you have cores. Check THIS
It is not always necessary to start PM2 as root. If you have PM2 as root and the cli module installed, security is a big risk. This is only required if you're starting your app on a port between 1 and 1024
devtech
- 325
- 1
- 12
7
Wasted about an hour
On AWS EC2 machine, one system was in inconsistent state due to earlier installations, that forced sudo elevations in the application for all commands to OS, like sh, etc.
pm2 was running as root:
ps aux | grep pm2
# root ... PM2 v4.1.2: God Daemon (/root/.pm2)
Now pm2 is running as ubuntu:
ps aux | grep pm2
# ubuntu ... PM2 v4.1.2: God Daemon (/home/ubuntu/.pm2)
Below commands worked:
sudo pm2 kill
sudo npm remove pm2 -g
sudo npm i -g pm2@latest
sudo pm2 update
sudo chown -R ubuntu:ubuntu /home/ubuntu/.pm2
Hope that helps
Manohar Reddy Poreddy
- 25,399
- 9
- 157
- 140
0
You should start pm2 as a root, (sudo pm2 start app.js), then your app will start as a root
Aminadav Glickshtein
- 23,232
- 12
- 77
- 117
-
2This does work but it seems to require that I run the other apps as root aswell. – Martin Nilsson Jan 30 '16 at 19:24
0
First, install pm2 globally. Then set root permissions to pm2 using this command
sudo chown ubuntu:ubuntu /home/ubuntu/.pm2/rpc.sock /home/ubuntu/.pm2/pub.sock
Nuwan Sameera
- 93
- 10
-
Why are you passing in `ubuntu:ubuntu`? In a different distribution would it be `root:user_to_give_root_access`? – Matthew Oct 11 '18 at 16:26
-
1I used an ec2 instance in aws and I logged as ubuntu user, for a root user your answer will work. I just gave an example of how it works. Thank you for pointing out. – Nuwan Sameera Oct 17 '18 at 07:40
0
you might consider routing your traffic with iptables, since there is a reason behind this errror
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
Jeremias Binder
- 1,899
- 1
- 8
- 6