Logging in as root on Mac OS X to configure MassTransit listens on ports less than 1024 (primarily affects FTP and default SSL port)
- Document Type:
With the initial release of MassTransit 4.2 and later for Mac OS X, it is necessary to be logged into the machine as the special root user to enable listens on ports less than 1024. This is necessary when using MassTransit as an FTP server (listens on port 21) and for SSL listens on the standard 443 port. It would also apply if you choose to enable TCP/IP or SSL listens on other ports less than 1024. This limitation will be addressed in a future release.
If MassTransit is running as any other user than root and listens on ports less than 1024 are enabled, you will see the one of the following error message in the Status window and in the Log:
“TCP/IP Secure reports: Could not listen on that port or socket. MassTransit must be running with root privileges to listen on ports less than 1024. [-3212] (40005)”
“Initialization of the FTP server failed [-3212]. MassTransit must be running with root privileges to listen with FTP.”
Note: This affects listens for incoming calls only. MassTransit can place outgoing calls on any port even when not running as root. When using MassTransit as an FTP client the calls are outgoing and the root user requirement does not apply as it would when using MassTransit as an FTP server.
The root user has full permissions to access and modify all files and settings in Mac OS X. The root user is also the only user with permissions to listen on ports below 1024, including the standard FTP port. If you want to configure MassTransit with an FTP server or to listen on other ports in this range, you will need to run MassTransit as root.
Please note that running as root is a potential security risk. If a hacker were to gain access to a machine running as root, they would have the potential to access it in ways that would not be possible with a more restricted user.
Running MassTransit as root will cause the MassTransit preferences file to be accessible only to the root user. If MassTransit is later switched to run under a different user, the permissions on the preferences will need to be adjusted.
ENABLING THE ROOT USER
On Mac OS X Server, the root user is enabled by default. You do not need to perform any additional steps to enable the root user, although you will need to log in as the root user.
By default, the regular, non-server version of Mac OS X installs with the root user disabled for security reasons. To enable the root user, launch the NetInfo Manager utility, found in /Applications/Utilities/NetInfo Manager. Select “Authenticate” on the Security menu and enter an administrative user name and password. Authenticating will enable the “Enable root user” menu item on the Security menu. Select this item. You will be asked to enter and confirm a root password for the newly-enabled root user. Once you enter these values, root will be enabled. Quit NetInfo Manager.
LOGGING IN AS ROOT
The root user will not appear in the list of users on the Mac OS X login screen. In order to log in to the system as root, you may need to make changes to the system preferences for login. Open the System Preferences dialog. Open the “Accounts” configuration. Go to the “Login Options” tab. Select “Display Login Window as: Name and password.” Close the System Preferences dialog. Log out of the system. The login prompt should now show username and password dialogs instead of a list of users. Enter “root” as your login name and your password to log into the system as root.
See this Apple Knowledge Base article for more details on the root user and how to enable it: