GCP Compute Engine - cannot listen on port 80?

Question

I created a compute engine which has these network tags and firewall rules:

So if I understand this correctly, the machine is allowed to listen on port 80. I installed node and created a really simple http server just to see if I can reach the box via http. Logged in via ssh on cloud console. When I try to start it (e.g. npm start to run the server), it says:

Error: listen EACCES: permission denied 0.0.0.0:80

Why? How to resolve?

I read somewhere that low port #s are usually restricted to root user, so I tried sudo it says sudo: npm: command not found and similar for sudo node.

Also why is that when you create a server using scripts like these, the article says they are executed as root? How does that happen and why am I not executing as root when I'm the one who booted up the machine and logged in as myself? Yes, my understanding of linux perms is very newbie.

Thanks...

Answer 1

In order to use TCP ports lower than 1024 you node server must run with root privileges. TCP ports 1024 and higher do not require privilege.

When you login to a Google Cloud Compute Engine instance, you are loggin in as a normal user. You do not have root privilege. To grant root privilege to a command, prefix it with sudo. Example: sudo mkdir /directoryname.

I do NOT recommend running node servers with root privilege. This opens a possibly serious security hole in your system. Search the Internet on this topic before deciding.

Your choices are:

1. Select a port above 1023. Common port numbers: 8000, 8080, 5000.
2. Start the node server with root privileges: sudo node hello.js

In regards to npm not being found. You will need to modify the environment's PATH variable to include the location of where you installed your node toolset for the user root.