How to allow non-root user to listen on privileged port?

Solution 1:

setcap 'cap_net_bind_service=+ep' /path/to/syslogd

Requires a not-ancient Linux kernel (2.6.24 or later).
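
One way to confirm that the setcap in Solution 1 had the intended effect, as an added example that is not part of the original answer: it decodes the Uid and CapEff lines of /proc/<pid>/status and reports whether the daemon is non-root and holds CAP_NET_BIND_SERVICE and nothing else. The function names and the sample status text are constructed for illustration.

```python
import sys

CAP_NET_BIND_SERVICE = 10  # bit number from linux/capability.h


def parse_status(text):
    """Extract real/effective UID and capability masks from /proc/<pid>/status text."""
    info = {}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        fields = value.split()
        if key == "Uid" and len(fields) >= 2:
            info["ruid"], info["euid"] = int(fields[0]), int(fields[1])
        elif key in ("CapPrm", "CapEff", "CapBnd", "CapInh") and fields:
            info[key] = int(fields[0], 16)  # masks are printed as hex
    return info


def audit(text):
    """Return a list of findings; an empty list means least-privilege bind is in place."""
    info = parse_status(text)
    if "euid" not in info or "CapEff" not in info:
        return ["status text lacks Uid or CapEff"]
    findings = []
    bind = 1 << CAP_NET_BIND_SERVICE
    if info["euid"] == 0:
        findings.append("process runs as root")
    if not info["CapEff"] & bind:
        findings.append("CAP_NET_BIND_SERVICE not effective; bind below 1024 will fail")
    extra = info["CapEff"] & ~bind
    if extra:
        findings.append("unexpected extra effective capabilities: 0x%016x" % extra)
    return findings


# Constructed sample: a non-root syslogd started from a binary with the file capability set.
SAMPLE_OK = """Name:\tsyslogd
Uid:\t104\t104\t104\t104
CapPrm:\t0000000000000400
CapEff:\t0000000000000400
CapBnd:\t000001ffffffffff
"""

if __name__ == "__main__":
    pid = sys.argv[1] if len(sys.argv) > 1 else "self"
    with open("/proc/%s/status" % pid) as fh:
        for finding in audit(fh.read()) or ["ok: non-root with only CAP_NET_BIND_SERVICE"]:
            print(finding)
```

Run it with the daemon's PID as the only argument; with no argument it inspects the Python process itself.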

Solution 2:

You could configure rinetd (available in most, if not all, distributions' standard repositories) to listen on port 514 and forward connections to some other port (above 1024, say 1514). That way the non-privileged user process can listen on 1514 and rinetd will forward connections so it appears to be listening on 514.

This will only work for TCP connections though. If you need to support UDP (or anything else) this way as well as or instead of TCP, then you can use iptables translation rules to achieve the same effect.

Solution 3:

Just found a very good discussion of this here: https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-1024-on-li

Doesn't look easy