code-server should print error when it can't listen on ports < 1024
code-serverversion: 1.1156-vsc1.33.1- OS Version: Ubuntu 18.4 LTS on Azure
Description
As #737 states, code-server is giving a connection refused error when listening on ports 80 or 443. All other ports work as expected. This is due to the fact that the server does not bind itself to the ports 80 or 443, so the provider has no available listener to answer the socket.
Steps to Reproduce
- Run code-server as of
./code-server -p 80 -H & - Run
sudo netstat -tnlpand see there's no code-server process running
- Do the same thing for port 443
- Try with a different port passing
-p 2345 - Run
sudo netstat -tnlpagain - Code-server appears as a listener
khaosdoctor
All 4 comments
If you're using any ports less than 1024 you'll need to run as root or with sudo. Leaving this open as code-server should be erroring out when it can't listen on the specified port.
deansheather
on 22 Jul 2019
Oh! Thanks for the quick response! Will try with sudo
khaosdoctor
on 22 Jul 2019
It is possible for code-server or other user services to bind to ports lower than 1024, but only if you tell the kernel to ignore that 'root-only' restriction. Something about using setcap CAP_NET_BIND_SERVICE to give permission.
I would however... NEVER however run code-server as root. Unless that server was specifically designed to do so, like apache, that creates non-root worker processes, it is simply not a good idea.
User access to root even in a docker container is really a BAD IDEA! And code server can provide not only file access, but terminal access! As such Sudo is a not a good solution.
antofthy
on 27 Jul 2019
v2 will now error and report something like:
error listen EACCES: permission denied 0.0.0.0:80
code-asher
on 1 Nov 2019
Related issues
sa7mon
路
3Comments
nol166
路
3Comments
broady
路
3Comments
infogulch
路
3Comments
avelino
路
3Comments