Anyone had any luck getting caddy to run under a non-root user account on OSX?
Unfortunately OSX doesn’t have setcap
available and the nearest thing I’ve found which looks like it should do the job is OSX-authbind. Unfortunately I’ve not had much luck getting it working.
Ive added the following files to /etc/authbind/byport/
, chowned them to my user and chmod 755’ed them:
$ ls -al /etc/authbind/byport
-rwxr-xr-x 1 myusername staff 0 27 Sep 12:30 443
-rwxr-xr-x 1 myusername staff 0 27 Sep 12:30 80
From my understanding of authbind’s pretty sparse documentation, that should do the trick by allowing processes started by me [ie. the Caddy process] to access ports 80 and 443. However, when I issue the command authbind caddy
I get the following error:
fatal error: runtime: bsdthread_register error (unset DYLD_INSERT_LIBRARIES)
runtime stack:
runtime.throw(0x64264c, 0x3f)
/usr/local/go/src/runtime/panic.go:566 +0x95 fp=0x7fff5fbff9e0 sp=0x7fff5fbff9c0
runtime.goenvs()
/usr/local/go/src/runtime/os_darwin.go:86 +0x85 fp=0x7fff5fbffa10 sp=0x7fff5fbff9e0
runtime.schedinit()
/usr/local/go/src/runtime/proc.go:450 +0x9c fp=0x7fff5fbffa50 sp=0x7fff5fbffa10
runtime.rt0_go(0x7fff5fbffa88, 0x1, 0x7fff5fbffa88, 0x0, 0x0, 0x1, 0x7fff5fbffbb0, 0x0, 0x7fff5fbffbb6, 0x7fff5fbffbc5, ...)
/usr/local/go/src/runtime/asm_amd64.s:145 +0x14f fp=0x7fff5fbffa58 sp=0x7fff5fbffa50
I’ve no idea where to even start dissecting that one. Can anyone give me a clue?