kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #41846
[Bug 1269053] Re: IBM Domino 'bindsock' cannot bind to ports <1024 since recent kernel 3.5.0-45.68
** Description changed:
Something has changed in Ubuntu's Kernel 3.5.0-45 32 & 64-bit Intel, has
prevented IBM Domino's "/opt/ibm/domino/notes/latest/linux/bindsock"
binary that runs as root (setuid) to get ports lower than 1024 for it's
LDAP, SMTP, IMAP, POP3, and HTTP processes. The IBM Domino Application
Server's parent process "/opt/ibm/domino/notes/latest/linux/server" runs
as a Service Account or a normal non-admin user, that launches
"bindsock"and others like "http", "ldap"....
In the Live Domino Console we're seeing the Application Server report:
- "Listener failure: 'bindsock' is missing, not executable, not owned by root, not setuid root or user needs net_privaddr privilege."
+ "Listener failure: 'bindsock' is missing, not executable, not owned by root, not setuid root or user needs net_privaddr privilege."
Another thing in the Live Domino Console, which is unusual is:
- "Error_CmdToDo_INVAL"... might be an IBM thang.
+ "Error_CmdToDo_INVAL"... might be an IBM thang.
A number of us have to hold back the kernel now and there's lots of scratching going on.
- http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=485F5F092833BCBE85257C33006AC7A3
+ http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=485F5F092833BCBE85257C33006AC7A3
It does seem to be limited to IBM Domino's "bindsock" binary and other
things are just fine, such as Nginx.
I have attached some files within the zip "ibm-domino-bindsock_strace.zip"
>>bindsock_binary_strace.txt
This is just running strace against the binary that isn't running in any process.
>> domino-server-pid1052_strace-f.txt
The IBM Domino Application Server ("/opt/ibm/domino/notes/latest/linux/server") is running as PID 1052 so this is what I applied "strace -f" to and towards the end, I told "server" to start the "http" process ("l http") which would then try launch "bindsock" (I hope).
Hopeully this first attempt at strace provides some good info for you
kind folks :-)
Many thanks
MR
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: linux-image-3.5.0-45-generic 3.5.0-45.68~precise1
ProcVersionSignature: Ubuntu 3.5.0-45.68~precise1-generic 3.5.7.26
Uname: Linux 3.5.0-45-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.25.
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: [Errno 2] No such file or directory
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info: Error: [Errno 2] No such file or directory
Card0.Amixer.values: Error: [Errno 2] No such file or directory
Date: Tue Jan 14 15:33:47 2014
HibernationDevice: RESUME=UUID=474adefd-59c4-4582-8d03-3c570137809d
InstallationMedia: Ubuntu-Server 12.04.2 LTS "Precise Pangolin" - Release amd64 (20130214)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb:
- Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
- Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
- Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
+ Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
+ Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
+ Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
MarkForUpload: True
ProcEnviron:
- SHELL=/bin/bash
- TERM=xterm
- PATH=(custom, no user)
- LANG=en_GB.UTF-8
- LANGUAGE=en_GB:en
+ SHELL=/bin/bash
+ TERM=xterm
+ PATH=(custom, no user)
+ LANG=en_GB.UTF-8
+ LANGUAGE=en_GB:en
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-45-generic root=UUID=a2842a37-9023-4e21-8460-a565465b7f67 ro
RelatedPackageVersions:
- linux-restricted-modules-3.5.0-45-generic N/A
- linux-backports-modules-3.5.0-45-generic N/A
- linux-firmware 1.79.9
+ linux-restricted-modules-3.5.0-45-generic N/A
+ linux-backports-modules-3.5.0-45-generic N/A
+ linux-firmware 1.79.9
RfKill: Error: [Errno 2] No such file or directory
SourcePackage: linux-lts-quantal
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
+
+
+ break-fix: - db31c55a6fb245fdbb752a2ca4aefec89afabb06
** Tags added: linux-break-fix
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1269053
Title:
IBM Domino 'bindsock' cannot bind to ports <1024 since recent kernel
3.5.0-45.68
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux” source package in Precise:
Fix Committed
Status in “linux-lts-quantal” source package in Precise:
Fix Committed
Status in “linux-lts-raring” source package in Precise:
Fix Committed
Status in “linux-lts-saucy” source package in Precise:
Fix Committed
Status in “linux” source package in Quantal:
Fix Committed
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux” source package in Saucy:
Fix Committed
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Bug description:
Something has changed in Ubuntu's Kernel 3.5.0-45 32 & 64-bit Intel,
has prevented IBM Domino's
"/opt/ibm/domino/notes/latest/linux/bindsock" binary that runs as root
(setuid) to get ports lower than 1024 for it's LDAP, SMTP, IMAP, POP3,
and HTTP processes. The IBM Domino Application Server's parent process
"/opt/ibm/domino/notes/latest/linux/server" runs as a Service Account
or a normal non-admin user, that launches "bindsock"and others like
"http", "ldap"....
In the Live Domino Console we're seeing the Application Server report:
"Listener failure: 'bindsock' is missing, not executable, not owned by root, not setuid root or user needs net_privaddr privilege."
Another thing in the Live Domino Console, which is unusual is:
"Error_CmdToDo_INVAL"... might be an IBM thang.
A number of us have to hold back the kernel now and there's lots of scratching going on.
http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=485F5F092833BCBE85257C33006AC7A3
It does seem to be limited to IBM Domino's "bindsock" binary and other
things are just fine, such as Nginx.
I have attached some files within the zip "ibm-domino-bindsock_strace.zip"
>>bindsock_binary_strace.txt
This is just running strace against the binary that isn't running in any process.
>> domino-server-pid1052_strace-f.txt
The IBM Domino Application Server ("/opt/ibm/domino/notes/latest/linux/server") is running as PID 1052 so this is what I applied "strace -f" to and towards the end, I told "server" to start the "http" process ("l http") which would then try launch "bindsock" (I hope).
Hopeully this first attempt at strace provides some good info for you
kind folks :-)
Many thanks
MR
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: linux-image-3.5.0-45-generic 3.5.0-45.68~precise1
ProcVersionSignature: Ubuntu 3.5.0-45.68~precise1-generic 3.5.7.26
Uname: Linux 3.5.0-45-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.25.
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: [Errno 2] No such file or directory
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info: Error: [Errno 2] No such file or directory
Card0.Amixer.values: Error: [Errno 2] No such file or directory
Date: Tue Jan 14 15:33:47 2014
HibernationDevice: RESUME=UUID=474adefd-59c4-4582-8d03-3c570137809d
InstallationMedia: Ubuntu-Server 12.04.2 LTS "Precise Pangolin" - Release amd64 (20130214)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb:
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
MarkForUpload: True
ProcEnviron:
SHELL=/bin/bash
TERM=xterm
PATH=(custom, no user)
LANG=en_GB.UTF-8
LANGUAGE=en_GB:en
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-45-generic root=UUID=a2842a37-9023-4e21-8460-a565465b7f67 ro
RelatedPackageVersions:
linux-restricted-modules-3.5.0-45-generic N/A
linux-backports-modules-3.5.0-45-generic N/A
linux-firmware 1.79.9
RfKill: Error: [Errno 2] No such file or directory
SourcePackage: linux-lts-quantal
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
break-fix: - db31c55a6fb245fdbb752a2ca4aefec89afabb06
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1269053/+subscriptions