Jsvc apache 守护进程未使用 root 权限绑定低于 1024 的端口

Jsvc apache daemon not binding port below 1024 with root privileges

我正在尝试以 root 用户身份执行一个监听端口 636 的守护进程,但我得到 java.net.BindException。 OS 是 CentOS 7. 我的脚本中是否遗漏了什么?

    Service exit with a return value of 5
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
Caused by: java.net.BindException: Permiso denegado
        at java.net.PlainSocketImpl.socketBind(Native Method)
        at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:387)
        at java.net.ServerSocket.bind(ServerSocket.java:375)
        at java.net.ServerSocket.<init>(ServerSocket.java:237)
        at java.net.ServerSocket.<init>(ServerSocket.java:181)
        at javax.net.ssl.SSLServerSocket.<init>(SSLServerSocket.java:136)
        at sun.security.ssl.SSLServerSocketImpl.<init>(SSLServerSocketImpl.java:113)
        at sun.security.ssl.SSLServerSocketFactoryImpl.createServerSocket(SSLServerSocketFactoryImpl.java:79)
        at com.wiacts.ldap.server.LdapServer.start(LdapServer.java:77)
        at com.wiacts.ldap.server.LdapServer.start(LdapServer.java:110)
        ... 5 more

这是我start/stop守护程序

的脚本
#! /bin/sh
#  /etc/init.d/ldap-server

### BEGIN INIT INFO
# Provides:          ldap-server
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Starts the ldap-server service
# Description:       This file is used to start the daemon
#                    and should be placed in /etc/init.d
### END INIT INFO

# Author:   Sheldon Neilson <sheldon[AT]neilson.co.za>
# Url:      www.neilson.co.za
# Date:     25/04/2013

NAME="ldap-server"
DESC="Ldap server"

# The path to Jsvc
EXEC="/usr/bin/jsvc"

# The path to the folder containing MyDaemon.jar
FILE_PATH="/home/centos/git/LDAPAuth/target/ldap-server"

# The path to the folder containing the java runtime
JAVA_HOME="/usr/java/jdk1.8.0_102"

# Our classpath including our jar file and the Apache Commons Daemon library
CLASS_PATH="$FILE_PATH/ldap-server-1.0.jar:$FILE_PATH/lib/commons-daemon-1.0.15.jar"

# The fully qualified name of the class to execute
CLASS="com.wiacts.ldap.server.LdapServer"

# Any command line arguments to be passed to the our Java Daemon implementations init() method
#ARGS="myArg1 myArg2 myArg3"

#The user to run the daemon as
USER="root"

# The file that will contain our process identification number (pid) for other scripts/programs that need to access it.
PID="/var/run/$NAME.pid"

# System.out writes to this file...
LOG_OUT="$FILE_PATH/log/$NAME.log"

# System.err writes to this file...
LOG_ERR="$FILE_PATH/log/$NAME.err"

jsvc_exec()
{  
    cd $FILE_PATH
    $EXEC -home $JAVA_HOME -cp $CLASS_PATH -user $USER -outfile $LOG_OUT -errfile $LOG_ERR -pidfile $PID  $CLASS $ARGS
}

case "" in
    start) 
        echo "Starting the $DESC..."       

        # Start the service
        jsvc_exec

        echo "The $DESC has started."
    ;;
    stop)
        echo "Stopping the $DESC..."

        # Stop the service
        jsvc_exec "-stop"      

        echo "The $DESC has stopped."
    ;;
    restart)
        if [ -f "$PID" ]; then

            echo "Restarting the $DESC..."

            # Stop the service
            jsvc_exec "-stop"

            # Start the service
            jsvc_exec

            echo "The $DESC has restarted."
        else
            echo "Daemon not running, no action taken"
            exit 1
        fi
            ;;
    *)
    echo "Usage: /etc/init.d/$NAME {start|stop|restart}" >&2
    exit 3
    ;;
esac

为了回答我自己的问题,apache 守护进程要求将所有需要 root 权限的操作放在 init() 方法中。