Skip to content

Commit 6c3a388

Browse files
foxriver76foxriver76
authored
fixed UI upgrade if admin is running on privileged port (<1024) (#2986)
1 parent f37e12a commit 6c3a388

File tree

2 files changed

+26
-15
lines changed

2 files changed

+26
-15
lines changed

CHANGELOG.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,13 @@
44
## __WORK IN PROGRESS__
55
-->
66

7-
## 7.0.5 (2024-12-07)
7+
## __WORK IN PROGRESS__ - Lucy
8+
* (@foxriver76) fixed UI upgrade if admin is running on privileged port (<1024)
9+
10+
## 7.0.5 (2024-12-07) - Lucy
811
* (@foxriver76) fixed UI upgrade for non-systemd systems
912

10-
## 7.0.4 (2024-12-04)
13+
## 7.0.4 (2024-12-04) - Lucy
1114
* (@Apollon77) Fixes async usage of extendObject
1215
* (@Apollon77) Makes setObject async save
1316
* (@foxriver76) deprecated `set(Foreign)ObjectAsync` as the non async methods are now working correctly with promises

packages/controller/src/lib/upgradeManager.ts

Lines changed: 21 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -97,14 +97,12 @@ class UpgradeManager {
9797
this.logger = this.setupLogger();
9898
this.gid = args.gid;
9999
this.uid = args.uid;
100-
101-
this.applyUser();
102100
}
103101

104102
/**
105103
* To prevent commands (including npm) running as root, we apply the passed in gid and uid
106104
*/
107-
private applyUser(): void {
105+
applyUser(): void {
108106
if (!process.setuid || !process.setgid) {
109107
const errMessage = 'Cannot ensure user and group ids on this system, because no POSIX platform';
110108
this.log(errMessage, true);
@@ -236,12 +234,12 @@ class UpgradeManager {
236234
*
237235
* @param params Web server configuration
238236
*/
239-
startWebServer(params: WebServerParameters): void {
237+
async startWebServer(params: WebServerParameters): Promise<void> {
240238
const { useHttps } = params;
241239
if (useHttps) {
242-
this.startSecureWebServer(params);
240+
await this.startSecureWebServer(params);
243241
} else {
244-
this.startInsecureWebServer(params);
242+
await this.startInsecureWebServer(params);
245243
}
246244
}
247245

@@ -300,7 +298,7 @@ class UpgradeManager {
300298
*
301299
* @param params Web server configuration
302300
*/
303-
startInsecureWebServer(params: InsecureWebServerParameters): void {
301+
async startInsecureWebServer(params: InsecureWebServerParameters): Promise<void> {
304302
const { port } = params;
305303

306304
this.server = http.createServer((_req, res) => {
@@ -309,17 +307,21 @@ class UpgradeManager {
309307

310308
this.monitorSockets(this.server);
311309

312-
this.server.listen(port, () => {
313-
this.log(`Server is running on http://localhost:${port}`);
310+
await new Promise<void>(resolve => {
311+
this.server!.listen(port, () => {
312+
resolve();
313+
});
314314
});
315+
316+
this.log(`Server is running on http://localhost:${port}`);
315317
}
316318

317319
/**
318320
* Start a secure web server for admin communication
319321
*
320322
* @param params Web server configuration
321323
*/
322-
startSecureWebServer(params: SecureWebServerParameters): void {
324+
async startSecureWebServer(params: SecureWebServerParameters): Promise<void> {
323325
const { port, certPublic, certPrivate } = params;
324326

325327
this.server = https.createServer({ key: certPrivate, cert: certPublic }, (_req, res) => {
@@ -328,9 +330,13 @@ class UpgradeManager {
328330

329331
this.monitorSockets(this.server);
330332

331-
this.server.listen(port, () => {
332-
this.log(`Server is running on https://localhost:${port}`);
333+
await new Promise<void>(resolve => {
334+
this.server!.listen(port, () => {
335+
resolve();
336+
});
333337
});
338+
339+
this.log(`Server is running on https://localhost:${port}`);
334340
}
335341

336342
/**
@@ -443,7 +449,9 @@ async function main(): Promise<void> {
443449
await upgradeManager.stopController();
444450
upgradeManager.log('Successfully stopped js-controller');
445451

446-
upgradeManager.startWebServer(webServerParameters);
452+
await upgradeManager.startWebServer(webServerParameters);
453+
// do this after web server is started, else we cannot bind on privileged ports after using setgid
454+
upgradeManager.applyUser();
447455

448456
try {
449457
await upgradeManager.npmInstall();

0 commit comments

Comments
 (0)