icecast on port 80
  • Hi, I noticed problems when listening to some corporate networks to port 8000. So bring a solution to resize the icecast port 80 and 443


    1) uncomment in / etc/icecast2/icecast.xml

             <changeowner>
                 <user> nobody </ user>
                 <group> nogroup </ group>
             </ changeowner>

    2) change the lines
    /etc/default/icecast2


    USERID = icecast2
    Groupid = icecast

    to

    USERID = root
    Groupid = root

    3) set the logging rights.
    chown nobody: nogroup / var/log/icecast2
    chmod 777 / var/log/icecast2

    4) / stop etc/init.d/icecast2

    5) remove previous logs
    rm / var/log/icecast2/access.log
    rm / var/log/icecast2/error.log

    6) restart the icecast / restart etc/init.d/icecast2

    subsequently appear informative message
    Changed groupid to the 1000
    Changed userid to the 1000

    Perhaps it will help someone too ;-)
    Post edited by Andrey Podshivalov at 2012-03-14 06:50:07
  • 8 Comments sorted by
  • Vote Up0Vote Down Andrey PodshivalovAndrey Podshivalov
    Posts: 1,526Member, Administrator, Sourcefabric Team
    Since icecast stream is a http protocol you can use also any http-proxy server. Nginx works fine with icecast stream.
  • Also there is a possibility through a proxy server. However, this is another service which can also unnecessarily burden the server
  • For me it was the easiest solution to install and configure than other service on the server
  • I did not have to do all that.

    I just did step 2 except i used ICECAST2 as the user and NOGROUP as the group. Then did number 2. 

    Worked just fine without having to change any file or folder permissions
  • What's <chroot> all about??  X_X
  • Vote Up0Vote Down Albert FRAlbert FR
    Posts: 1,978Member, Airtime Moderator
    if you want changeowner available, you need chroot :-)

        <security>
            <chroot>1</chroot>
            <changeowner>
                <user>nobody</user>
                <group>nogroup</group>
            </changeowner>
        </security>


    Post edited by Albert FR at 2013-03-16 09:34:54
  • Yeah, but what's chroot jail? I read some docs here and there, but the practical concept and application is over my head. Is it a relevant security function in 2013 on a modern Debian like Ubuntu/Precise?

    At any rate, I too was able to get port 80 rolling by simply tweaking <changeowner> to icecast2/icecast and changing /etc/default/icecast2 over to root. <chroot> is still "0". Have I just opened the barn door? ~:> 3:-O
    Post edited by Roger Wilco at 2013-03-16 10:47:53
  • Vote Up0Vote Down Albert FRAlbert FR
    Posts: 1,978Member, Airtime Moderator
    no, with changeowner available, you haven't opened the barn door
    :-t
    but nothing is really secure...
    you can close others open ports, services, etc
    really chroot icecast (search on google for tutorials)