Running python webservers on port 80 without root

If you want to have a python webserver running locally and listening on port 80 – or any other port < 1024, you can do it like this:

$ sudo setcap 'cap_net_bind_service=+ep' /usr/bin/python3.8

This gives the /usr/bin/python3.8 binary the ability to bind to privileged ports without being root. Note that this only works for real files, not symlinks, so this will probably not work, as python is generally a symlink:

$ sudo setcap 'cap_net_bind_service=+ep' $(which python)`

I wanted this so that the invoke livereload thing for this blog, could take over from Nginx for local development, giving me incremental live rebuilding & reloading while editing. This happens to use tornado underneath, which is a Python webserver.


Related Posts