ansible,docker: ensure <1024 are privileged ports #2521
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Since Docker 20.10.0 @ 2020-12-08, port binding has been made unrestricted. This change undoes that by ensuring that <1024 are privileged. Node.js' test suite assumes that binding to a lower port will result in a privilege failure so we need to create an environment suitable for that assumption. Ref: nodejs/node#36847
Trott
approved these changes
Jan 9, 2021
richardlau
approved these changes
Jan 9, 2021
AshCripps
approved these changes
Jan 9, 2021
2 tasks
rvagg
added a commit
to rvagg/io.js
that referenced
this pull request
Jan 12, 2021
This reverts commit a45a404. Solved by marking ports <1024 as privileged on Docker containers. Ref: nodejs#36850 Ref: nodejs#36847 Ref: nodejs/build#2521
|
Ran create.yml in this branch against the Pi cluster, test run came back full green |
aduh95
pushed a commit
to nodejs/node
that referenced
this pull request
Jan 18, 2021
This reverts commit a45a404. Solved by marking ports <1024 as privileged on Docker containers. Ref: #36850 Ref: #36847 Ref: nodejs/build#2521 PR-URL: #36884 Refs: #36850 Refs: #36847 Refs: nodejs/build#2521 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Daijiro Wachi <[email protected]> Reviewed-By: Ash Cripps <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
ruyadorno
pushed a commit
to nodejs/node
that referenced
this pull request
Jan 22, 2021
This reverts commit a45a404. Solved by marking ports <1024 as privileged on Docker containers. Ref: #36850 Ref: #36847 Ref: nodejs/build#2521 PR-URL: #36884 Refs: #36850 Refs: #36847 Refs: nodejs/build#2521 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Daijiro Wachi <[email protected]> Reviewed-By: Ash Cripps <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Since Docker 20.10.0 @ 2020-12-08, port binding has been made unrestricted.
This change undoes that by ensuring that <1024 are privileged. Node.js' test
suite assumes that binding to a lower port will result in a privilege failure
so we need to create an environment suitable for that assumption.
Ref: nodejs/node#36847