21.4.4 url only reachable through 9392

I’m testing this on Debian 11 Bullseye. Kernel 5.10.0-13. Here is what I found.

Debian is not allowing the service to start on ports below 1024. I thought the User= and Group= lines in gsad.service took care of that, but apparently not.

I could only get the service to start with port 443 if I changed the gsad.service lines to…
User=root
Group=root

I also added the --drop-privileges=gvm option to the end of the ExecStart line. This leaves the gsad process running as user gvm.

The service wants ssl certificates, so I had to run …
sudo gvm-manage-certs -a

Give gvm user ownership to the certificates with …
sudo chown -R gvm:gvm /var/lib/gvm

The ExecStart line looks like this…
ExecStart=/usr/local/sbin/gsad --port=443 --no-redirect --drop-privileges=gvm

I am not a developer, so I don’t know why the gsad.service file is not starting the process as root, and then dropping privileges the way it should.

Hope this helps.