icecast on port 80 - Airtime Support Discussions on Sourcefabric Forum

TVanek · Post edited by Andrey Podshivalov at 2012-03-14 06:50:07

Hi, I noticed problems when listening to some corporate networks to port 8000. So bring a solution to resize the icecast port 80 and 443

1) uncomment in / etc/icecast2/icecast.xml

         <changeowner>
             <user> nobody </ user>
             <group> nogroup </ group>
         </ changeowner>

2) change the lines /etc/default/icecast2

USERID = icecast2
Groupid = icecast

to

USERID = root
Groupid = root

3) set the logging rights.
chown nobody: nogroup / var/log/icecast2
chmod 777 / var/log/icecast2

4) / stop etc/init.d/icecast2

5) remove previous logs
rm / var/log/icecast2/access.log
rm / var/log/icecast2/error.log

6) restart the icecast / restart etc/init.d/icecast2

subsequently appear informative message
Changed groupid to the 1000
Changed userid to the 1000

Perhaps it will help someone too ;-)

Andrey Podshivalov

Since icecast stream is a http protocol you can use also any http-proxy server. Nginx works fine with icecast stream.

TVanek

Also there is a possibility through a proxy server. However, this is another service which can also unnecessarily burden the server

TVanek

For me it was the easiest solution to install and configure than other service on the server

Greg D

I did not have to do all that.

I just did step 2 except i used ICECAST2 as the user and NOGROUP as the group. Then did number 2.

Worked just fine without having to change any file or folder permissions

Roger Wilco

What's <chroot> all about?? X_X

Albert FR · Post edited by Albert FR at 2013-03-16 09:34:54

if you want changeowner available, you need chroot :-)

    <security>
        <chroot>1</chroot>
        <changeowner>
            <user>nobody</user>
            <group>nogroup</group>
        </changeowner>
    </security>

Roger Wilco · Post edited by Roger Wilco at 2013-03-16 10:47:53

Yeah, but what's chroot jail? I read some docs here and there, but the practical concept and application is over my head. Is it a relevant security function in 2013 on a modern Debian like Ubuntu/Precise?

At any rate, I too was able to get port 80 rolling by simply tweaking <changeowner> to icecast2/icecast and changing /etc/default/icecast2 over to root. <chroot> is still "0". Have I just opened the barn door? ~:> 3:-O

Albert FR

no, with changeowner available, you haven't opened the barn door
:-t
but nothing is really secure...
you can close others open ports, services, etc
really chroot icecast (search on google for tutorials)

Howdy, Stranger!

Categories

Poll

Top Posters