Note: Likely this issue is not be solvable by this project. In this case please advice where to send according request for fixing
As node-red is started as non-root user it does not have sufficient permissions to bind ports with lower portnumbers for security reasons. This is leading to problems e.g. when trying to setup a modbus server using modbus-server node that trys binding to standard modbus port 502. For compatibility reasons with other bus devices, it is not an option to move to a higher port in certain use cases.
To Reproduce
Take modbus-server node from nodered-contrib-modbus palette
Use standard settings to bind to 0.0.0.0 port 502
Error Messages appear in debug window
To cross-check:
Stop Node-red services via Cerbo Remote Console
Start node-red manually as root user from ssh console
Now run flow with mode-bus server again
Result: No Error :)
Expected behavior
Node-red installations on other linux systems appear to address this issue by allowing to set port binding capabilities for the node-red binary/process with setcap command like _"sudo setcap 'cap_net_bindservice=+ep' /usr/local/bin/node" . Unfortunately the large image for cerbo gx does not contain the setcap tool.
I suggest to
a) add the setcap related tools to the large image
b) consider setting binding permissions for node-red by default or allowing user to set it as configuration option
Hardware (please complete the following information):
Hardware: Cerbo GX
Software (please complete the following information):
node-red-contrib-victron version:
Venus OS version:
Linux einstein 5.10.109-venus-11 #1 SMP Mon Jul 17 18:21:50 UTC 2023 armv7l GNU/Linux
Firmware 3.01, Large Image Build: 20230717162050
Describe the bug
Note: Likely this issue is not be solvable by this project. In this case please advice where to send according request for fixing
As node-red is started as non-root user it does not have sufficient permissions to bind ports with lower portnumbers for security reasons. This is leading to problems e.g. when trying to setup a modbus server using modbus-server node that trys binding to standard modbus port 502. For compatibility reasons with other bus devices, it is not an option to move to a higher port in certain use cases.
To Reproduce
Take modbus-server node from nodered-contrib-modbus palette
Use standard settings to bind to 0.0.0.0 port 502
Error Messages appear in debug window
To cross-check:
Expected behavior Node-red installations on other linux systems appear to address this issue by allowing to set port binding capabilities for the node-red binary/process with setcap command like _"sudo setcap 'cap_net_bindservice=+ep' /usr/local/bin/node" . Unfortunately the large image for cerbo gx does not contain the setcap tool.
I suggest to a) add the setcap related tools to the large image b) consider setting binding permissions for node-red by default or allowing user to set it as configuration option
Hardware (please complete the following information):
Software (please complete the following information):