[stunnel-users] Using stunnel as a non-root user

T. S. Ferreira tsferreira at gmail.com
Thu Dec 20 13:09:59 CET 2007


I have a small web application running as a regular (non-root) user on
my port 6666. I would like to make it accessible through SSL on port
7777. In order to test it I used (as the same non-root user) the
following command:

    stunnel -D 7 -p mypemfile.pem -d 7777 -r localhost:6666

but it does not work. When I check with "ps aux | fgrep stunnel", no
such program is running.

However, if I run it as root, it does work. I did not find in the
documentation any restriction in this regard. Since my final
application will run on a machine to whose root I do not have access,
I would like to find a way to solve this problem.

Any hint will be appreciated.

-- tsf

-----------------------------------------

My system data are:

(1) Linux/Ubuntu 7.10, kernel 2.6.22-14-generic,

(2) Output of "/usr/bin/stunnel4 -version":

stunnel 4.20 on i486-pc-linux-gnu with OpenSSL 0.9.8e 23 Feb 2007
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP

Global options
debug           = 5
pid             = /var/run/stunnel4.pid
RNDbytes        = 64
RNDfile         = /dev/urandom
RNDoverwrite    = yes

Service-level options
cert            = /etc/stunnel/stunnel.pem
ciphers         = ALL:!ADH:+RC4:@STRENGTH
key             = /etc/stunnel/stunnel.pem
session         = 300 seconds
sslVersion      = SSLv3 for client, all for server
TIMEOUTbusy     = 300 seconds
TIMEOUTclose    = 60 seconds
TIMEOUTconnect  = 10 seconds
TIMEOUTidle     = 43200 seconds
verify          = none

(3) Output due to '-D 7' option:

2007.12.20 10:00:45 LOG7[14820:3082589872]: Snagged 64 random bytes from /home/tomasz/.rnd
2007.12.20 10:00:45 LOG7[14820:3082589872]: Wrote 1024 new random bytes to /home/tomasz/.rnd
2007.12.20 10:00:45 LOG7[14820:3082589872]: RAND_status claims sufficient entropy for the PRNG
2007.12.20 10:00:45 LOG7[14820:3082589872]: PRNG seeded successfully
2007.12.20 10:00:45 LOG7[14820:3082589872]: Certificate: jai_ssl.pem
2007.12.20 10:00:45 LOG7[14820:3082589872]: Certificate loaded
2007.12.20 10:00:45 LOG7[14820:3082589872]: Key file: jai_ssl.pem
2007.12.20 10:00:45 LOG7[14820:3082589872]: Private key loaded
2007.12.20 10:00:45 LOG7[14820:3082589872]: SSL context initialized for service stunnel3

(4) "/usr/bin/stunnel" is a Perl script whose comments say " ...
wrapper  to use stunnel 3.x syntax in stunnel >=4.05 ..."; it is
version 2.00 (2005.04.2).
