Kodi Webserver on Port 80. Underlying weirdness that I don't understand.
#1
OK, the goal is simple. I run Kodi on a dedicated HTPC. Nothing is on port 80 and I want to make it easy for family to use the web interface. Trivial rally. So Wanted to put Kodi's webservice on port 80.

It's running on a Linux box (mint 19.3) and this will of OS dependent but fairly Linux generic. Essentially low numbered ports are reserved for use by root only and I can run Kodi on port 80 as root without drama. All good. But that is no solution, an app as comolex as Kodi should under no circumstances be running as root.

So now comes the oddness. There are ways and means to do this on Linux.

Method 1: authbind
Easy enough I installed authbind, I configured it. I even tested with
Code:
nc -l 80
(which is just a standard way of listening on a port. Without authbind it returns
Code:
nc: Permission denied
and with authbind it listens on port 80 just fine. But Kodi ... nope, with authbind just complains that web server failed to start. Even
Code:
authbind --deep
fails (that just grants all kodi's children (processes and threads permission to bind to port 80).

Method 2: setcap
In modern Linux you can grant binaries specific capabilities and a fairly standard solutuion for permitting the binding to port 80 (or all low numbered ports really) looks like:
Code:
sudo setcap cap_net_bind_service+ep /usr/bin/kodi
Alas also no go. Doesn't work. Kodi still complains the web server fails to start when I put it on port 80.

Method 3: rerouting
OK this works:
Code:
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
That is, run Kodi on 8080 and redirect requests from 80 to 8080. Not ideal but it works.

What blows my mind is that authbind and setcap fail.

Has anyone got a clue why that might be?
Reply


Messages In This Thread
Kodi Webserver on Port 80. Underlying weirdness that I don't understand. - by ThumbOne - 2020-05-18, 10:17
Logout Mark Read Team Forum Stats Members Help
Kodi Webserver on Port 80. Underlying weirdness that I don't understand.0