The portreserve problem: is systemd the solution?

Wednesday, February 15th, 2012

Quite a while ago I wrote portreserve, a utility to prevent ports getting stolen at boot time by portmap. This would happen with CUPS, for example: portmap starts first (to allow for NFS-mounted filesystems), and calls bindresvport(). If the privileged (i.e. in the range 512-1023) port it allocates happens to be 631, when CUPS starts and tries to bind that port it fails. This didn’t just affect CUPS, but any service with a well known port in the privileged range.