Can't assign to privileged ports (<1024)

Expected behavior

$docker run -d -p 80:80 nimmis/apache
4823b206350aed229b2da504de704833419f6d6759eb684d0e551c656f5c942f
$

container accessible with port 80 from external port

Actual behavior

$docker run -d -p 80:80 nimmis/apache
docker: Error response from daemon: driver failed programming external connectivity on endpoint adoring_williams (8eea84b97ad7acb983bddf1b4bfe31c67304e430aefe8c9029ae7320caa748cd): Error starting userland proxy: failed to bind port: Unix.Unix_error(Unix.EACCES, “bind”, “”).
$

Works if you give a port above 1024

$docker run -d -p 8080:80 nimmis/apache
7f25cbeb86f5ee7e854432c3199bd54c472190be0819b55c326ce124fdc42062
$

Information

pinata diagnose -u
OS X: version 10.10.5 (build: 14F1713)
Docker.app: version v1.11.0-beta6
Running diagnostic tests:
[OK] docker-cli
[OK] Moby booted
[OK] driver.amd64-linux
[OK] vmnetd
[OK] osxfs
[OK] db
[OK] slirp
[OK] menubar
[OK] environment
[OK] Docker
[OK] VT-x
Docker logs are being collected into /tmp/20160412-133714.tar.gz.
Your unique id in bugsnag is: ECEBD305-824C-4FC0-AC4B-3DF038857962
Please quote this in all correspondence.

Steps to reproduce the behavior

  1. docker run -d -p 80:80 nimmis/apache
  2. container fails to bind the privileged port
  3. does not help to run as root

Hi nimmis!

You have to add NET_BIND_SERVICE capability : docker run -p 180:80 -d --cap-add NET_BIND_SERVICE nginx
It’s the same on Linux.

I don’t have to do that on a normal Linux installation (CentOS or Ubuntu)

This is how it looks on my Ubuntu 14.04
kjell@ubuntu:~$ docker run -d -p 80:80 nimmis/apache
76111a4fbd56842af61d29808439a8433704b78a609bce14372837a108f70337
kjell@ubuntu:~$

Doing it on the beta-docker gives the same error as before
$ docker run -p 80:80 -d --cap-add NET_BIND_SERVICE nimmis/apache
dd3607f370da774659f9ceec1e8f8e64a1c28983c378d1109462c45f9eb3c878
docker: Error response from daemon: driver failed programming external connectivity on endpoint prickly_bassi (a27281918354f7f94db2dd80b2e9a761892a24c66b0765749c4ad123fce27a41): Error starting userland proxy: failed to bind port: Unix.Unix_error(Unix.EACCES, “bind”, “”).

Can you try to run this : docker run -p 180:80 -d --cap-add NET_BIND_SERVICE nginx ?

I just tried docker run -p 280:80 -d --cap-add NET_BIND_SERVICE nimmis/apache and it works on my Mac.
(I use port 280 because 80 and 180 are already taken by another container)

Same result on beta-docker
$ docker run -p 180:80 -d --cap-add NET_BIND_SERVICE nginx
fa6744c99ada895c0e301801d60b2c214b6cfe3fd1f4eb44bf424ba993b95631
docker: Error response from daemon: driver failed programming external connectivity on endpoint adoring_brahmagupta (fc05cfcd198e1f7661930df1c9103a336d0eb8b6d389a0663d93379f0b6a1eb4): Error starting userland proxy: failed to bind port: Unix.Unix_error(Unix.EACCES, “bind”, “”).

Same result with 280. I run Yosemite, I’ll try it on Mountain Lion later to see if there is any difference.

I had boot2docker installed before but removed it before installing beta-docker

I’m using El Capitan and I was using docker-machine / boot2docker before docker-beta.

I can’t help you more.

Hi, this is a known issue in VPN mode and will be fixed soon. If you are not using VPN mode can we have some more information?

That’s correct, disable VPN and privileged port works

Hey there! I’m attempting to migrate to docker for mac, but not being able to bind to a privileged port while using a VPN is a blocker for me - is there an issue somewhere where I can track progress on this issue?

Hi, this should be resolved now.

Justin