User Tools
Sidebar
Let OpenSearch Dashboards (debian) run on standard ports (HTTP :80 or HTTPS :443)
Without changing the default configuration, OpenSearch Dashboards (OS-D) is listening at port 5601 for either HTTP or HTTPS.
In /etc/opensearch-dashboards/opensearch_dashboards.yml the line server.port: 5601 is setting this explicit.
When the standard port for HTTP (:443) is configured for OS-D in opensearch_dashboards.yml
server.port: 443
OS-D fails to start the next time with:
FATAL Error: listen EACCES: permission denied 0.0.0.0:443
When running this as root, the service starts.
The problem is that OS-D is lacking the permissions to bind to the standard ports by default.
NOTE: The following solution needs to be repeated when OS-D is updated by apt.
Solution
As root or with sudo run:
systemctl edit opensearch-dashboards.service
Between the lines on top
### Anything between here and the comment below will become the contents of the drop-in file
and
### Edits below this comment will be discarded
insert the code to allow the use of ports below 1024:
### Editing /etc/systemd/system/opensearch-dashboards.service.d/override.conf ### Anything between here and the comment below will become the contents of the drop-in file [Service] # Grant capability to use ports below 1024 CapabilityBoundingSet=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE # Disable PrivateUsers otherwise capability won't work PrivateUsers=false ### Edits below this comment will be discarded
Then restart the daemon:
systemctl daemon-reexec systemctl daemon-reload
and then the service:
systemctl restart opensearch-dashboards.service
OpenSearch-Dashboards should now be available on the desired port.