Skip to Content

Unix prevents non root users from starting privileged ports under 1024. 

  1. Log into the Unix SAP web dispatcher as root or any user with sudo ability
  2. Copy the icmbnd.new to icmbnd in the webdispatcher kernel directory
    1. cd /sapmnt/WEB/exe/nuc/linuxx86_64
    2. cp –p icmbnd.new icmbnd
  3. Change the owner and group of the icmbnd file
    1. chown root:sapsys icmbnd
  4. Change the setuid for the icmbnd
    1. chmod 4750 icmbnd
  5. Disallow web dispatcher from binding the port
    1. icm/server_port_2 = PROT=HTTP, PORT=80, TIMEOUT=10, HOST=nimblwebd, EXTBIND=1
  6. Check the profile after changes
    1. /sapmnt/<SID>/exe/nuc/linuxx86_64/sapwebdisp pf=/sapmnt/<SID>/profile/WEB_W00_webd –checkconfig
  7. Confirm the port is listening
    1. netstat –an | grep 80
To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply