code-server should print error when it can't listen on ports < 1024

[khaosdoctor]

• code-server version: 1.1156-vsc1.33.1
• OS Version: Ubuntu 18.4 LTS on Azure

Description

As #737 states, code-server is giving a connection refused error when listening on ports 80 or 443. All other ports work as expected. This is due to the fact that the server does not bind itself to the ports 80 or 443, so the provider has no available listener to answer the socket.

Steps to Reproduce

1. Run code-server as of ./code-server -p 80 -H &
2. Run sudo netstat -tnlp and see there's no code-server process running

3. Do the same thing for port 443
4. Try with a different port passing -p 2345
5. Run sudo netstat -tnlp again
6. Code-server appears as a listener

[deansheather]

If you're using any ports less than 1024 you'll need to run as root or with sudo. Leaving this open as code-server should be erroring out when it can't listen on the specified port.

[khaosdoctor]

Oh! Thanks for the quick response! Will try with sudo

[antofthy]

It is possible for code-server or other user services to bind to ports lower than 1024, but only if you tell the kernel to ignore that 'root-only' restriction. Something about using setcap CAP_NET_BIND_SERVICE to give permission.

I would however... NEVER however run code-server as root. Unless that server was specifically designed to do so, like apache, that creates non-root worker processes, it is simply not a good idea.

User access to root even in a docker container is really a BAD IDEA! And code server can provide not only file access, but terminal access! As such Sudo is a not a good solution.

[code-asher]

v2 will now error and report something like:

error listen EACCES: permission denied 0.0.0.0:80