napalm-registry should pick a random port #10
Comments
aszlig
added a commit
to aszlig/napalm
that referenced
this issue
Oct 17, 2020
This is an alternative solution to pull request nix-community#21, which implements picking a random TCP port for the registry. While I haven't found the exact reason why it has to be randomized, I can only guess that it's to prevent port conflicts in unsandboxed builds. The implementation also has few ugly workarounds (eg. using lsof to get the port number), but the main issue I see is that even if the port is random, any user/process on the system can still connect to that port. So instead of picking a random TCP port, let's simply not use IP sockets at all and use ip2unix to force NPM into connecting to the Unix socket. We're now using a dummy IP address (127.0.0.100) for the registry URL in order to be able to match the registry URL in the ip2unix rule as a distinct host and at the same time prevent silent failure in case we forgot to transform/wrap sockets at some point. Signed-off-by: aszlig <aszlig@nix.build> Fixes: nix-community#4, nix-community#10
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Right now the registry always uses 8081. Instead it should try to find a random port.
The text was updated successfully, but these errors were encountered: