Startup permissions issue in Debian Lenny

[quantumthomas]

I have a debian server running Lenny with Transmission 1.40 (7096). As root the following command runs transmission with a web interface as run by rc.local or over the command shell.

transmission-daemon -a 192.168.1.* -T -p 80

However I do not wish to run it with root privileges.

sudo -u username transmission-daemon -a 192.168.1.* -T -p 80

That does not work. the process runs without error message but I cannot connect to the web interface. Running the command from the users prompt also does not work and the init script has the same issue with the automatically installed debian-transmission user. Seems there is some permission problem blocking the web interface.

I have also edited /etc/default/transmission-daemon as follows to use the init script as an alternative to the command line or rc.local.

# defaults for transmission-daemon
# sourced by /etc/init.d/transmission-daemon

# change to 1 to enable daemon
ENABLE_DAEMON=1

# this directory stores some runtime information, like torrent files and config
CONFIG_DIR="/var/lib/transmission-daemon/info"

# default options for daemon, see transmission-daemon(1) for more options
OPTIONS="--allowed 192.168.1.* --no-auth --port 80 --config-dir $CONFIG_DIR"

But again no change.

So I think it may be a socket permission error. How do I fix it ?

[Gimp]

Port numbers under 1024 are root only

If you wish to use the web interface as non-root, you must use a port number greater than 1024.

[Jordan]

Port numbers under 1024 are root only

If you wish to use the web interface as non-root, you must use a port number greater than 1024.

Right, and that's not a Transmission constraint; that's an OS constraint.

[skynexus]

Port numbers under 1024 are root only

Right, and that's not a Transmission constraint; that's an OS constraint.

Yes and no - it is a OS constraint, but it is also a limitation in transmission to deal with that constraint. Basically, transmission-daemon needs to start as root, open its port, and then switch to the desired user and group. This requires it to provide a -user option and a -group option so one can specify which user and group it should switch to once started. It is very important to remember that the port needs to be assigned while the process still has root privileges, that is, before switching the user and group (I've seen other implementations get this bit wrong, very annoying).

In sum, the OS imposing this kind of constraint is no impediment if the implementation is there. Unfortunately, transmission-daemon does not seem to handle this scenario.