kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #44021
Re: [Bug 1269053] Re: IBM Domino 'bindsock' cannot bind to ports <1024 since recent kernel 3.5.0-45.68
I had to revert to Ubuntu server 13.04 that did not have the bug in order
to keep my business running on IBM Domino. Will this kernel fix work on
13.04? If not, I will not be able to test the fix.
73 & Cheers,
Ken Behrens
IBM Certified Advanced Application Developer Lotus Notes & Domino 7
MicroBlue Software, LLC
KB0YLN
E-mail: khbehrens@xxxxxxxxxxxxxxxxxxxxx
Web site: http://www.MicroBlueSoftware.com
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
To: khbehrens@xxxxxxxxxxxxxxxxxxxxx
Date: 02/06/2014 11:50 AM
Subject: [Bug 1269053] Re: IBM Domino 'bindsock' cannot bind to
ports <1024 since recent kernel 3.5.0-45.68
Sent by: bounces@xxxxxxxxxxxxx
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
saucy' to 'verification-done-saucy'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: verification-needed-saucy
--
You received this bug notification because you are subscribed to the bug
report.
https://bugs.launchpad.net/bugs/1269053
Title:
IBM Domino 'bindsock' cannot bind to ports <1024 since recent kernel
3.5.0-45.68
Status in ?linux? package in Ubuntu:
Fix Released
Status in ?linux-lts-quantal? package in Ubuntu:
Invalid
Status in ?linux-lts-raring? package in Ubuntu:
Invalid
Status in ?linux-lts-saucy? package in Ubuntu:
Invalid
Status in ?linux? source package in Precise:
Fix Committed
Status in ?linux-lts-quantal? source package in Precise:
Confirmed
Status in ?linux-lts-raring? source package in Precise:
Fix Committed
Status in ?linux-lts-saucy? source package in Precise:
Fix Committed
Status in ?linux? source package in Quantal:
Fix Committed
Status in ?linux-lts-quantal? source package in Quantal:
Invalid
Status in ?linux-lts-raring? source package in Quantal:
Invalid
Status in ?linux-lts-saucy? source package in Quantal:
Invalid
Status in ?linux? source package in Saucy:
Fix Committed
Status in ?linux-lts-quantal? source package in Saucy:
Invalid
Status in ?linux-lts-raring? source package in Saucy:
Invalid
Status in ?linux-lts-saucy? source package in Saucy:
Invalid
Status in ?linux? source package in Trusty:
Fix Released
Status in ?linux-lts-quantal? source package in Trusty:
Invalid
Status in ?linux-lts-raring? source package in Trusty:
Invalid
Status in ?linux-lts-saucy? source package in Trusty:
Invalid
Bug description:
Something has changed in Ubuntu's Kernel 3.5.0-45 32 & 64-bit Intel,
has prevented IBM Domino's
"/opt/ibm/domino/notes/latest/linux/bindsock" binary that runs as root
(setuid) to get ports lower than 1024 for it's LDAP, SMTP, IMAP, POP3,
and HTTP processes. The IBM Domino Application Server's parent process
"/opt/ibm/domino/notes/latest/linux/server" runs as a Service Account
or a normal non-admin user, that launches "bindsock"and others like
"http", "ldap"....
In the Live Domino Console we're seeing the Application Server report:
"Listener failure: 'bindsock' is missing, not executable, not owned by
root, not setuid root or user needs net_privaddr privilege."
Another thing in the Live Domino Console, which is unusual is:
"Error_CmdToDo_INVAL"... might be an IBM thang.
A number of us have to hold back the kernel now and there's lots of
scratching going on.
http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=485F5F092833BCBE85257C33006AC7A3
It does seem to be limited to IBM Domino's "bindsock" binary and other
things are just fine, such as Nginx.
I have attached some files within the zip
"ibm-domino-bindsock_strace.zip"
>>bindsock_binary_strace.txt
This is just running strace against the binary that isn't running in any
process.
>> domino-server-pid1052_strace-f.txt
The IBM Domino Application Server
("/opt/ibm/domino/notes/latest/linux/server") is running as PID 1052 so
this is what I applied "strace -f" to and towards the end, I told "server"
to start the "http" process ("l http") which would then try launch
"bindsock" (I hope).
Hopeully this first attempt at strace provides some good info for you
kind folks :-)
Many thanks
MR
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: linux-image-3.5.0-45-generic 3.5.0-45.68~precise1
ProcVersionSignature: Ubuntu 3.5.0-45.68~precise1-generic 3.5.7.26
Uname: Linux 3.5.0-45-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.25.
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: [Errno 2] No such file or directory
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info: Error: [Errno 2] No such file or directory
Card0.Amixer.values: Error: [Errno 2] No such file or directory
Date: Tue Jan 14 15:33:47 2014
HibernationDevice: RESUME=UUID=474adefd-59c4-4582-8d03-3c570137809d
InstallationMedia: Ubuntu-Server 12.04.2 LTS "Precise Pangolin" -
Release amd64 (20130214)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb:
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
MarkForUpload: True
ProcEnviron:
SHELL=/bin/bash
TERM=xterm
PATH=(custom, no user)
LANG=en_GB.UTF-8
LANGUAGE=en_GB:en
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-45-generic
root=UUID=a2842a37-9023-4e21-8460-a565465b7f67 ro
RelatedPackageVersions:
linux-restricted-modules-3.5.0-45-generic N/A
linux-backports-modules-3.5.0-45-generic N/A
linux-firmware 1.79.9
RfKill: Error: [Errno 2] No such file or directory
SourcePackage: linux-lts-quantal
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias:
dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
break-fix: 1661bf364ae9c506bc8795fef70d1532931be1e8
db31c55a6fb245fdbb752a2ca4aefec89afabb06
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1269053/+subscriptions
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1269053
Title:
IBM Domino 'bindsock' cannot bind to ports <1024 since recent kernel
3.5.0-45.68
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Invalid
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Invalid
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Committed
Status in “linux-armadaxp” source package in Precise:
Fix Committed
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-lts-quantal” source package in Precise:
Confirmed
Status in “linux-lts-raring” source package in Precise:
Fix Committed
Status in “linux-lts-saucy” source package in Precise:
Fix Committed
Status in “linux-ti-omap4” source package in Precise:
Fix Committed
Status in “linux” source package in Quantal:
Fix Committed
Status in “linux-armadaxp” source package in Quantal:
Confirmed
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Confirmed
Status in “linux” source package in Saucy:
Fix Committed
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Confirmed
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Bug description:
Something has changed in Ubuntu's Kernel 3.5.0-45 32 & 64-bit Intel,
has prevented IBM Domino's
"/opt/ibm/domino/notes/latest/linux/bindsock" binary that runs as root
(setuid) to get ports lower than 1024 for it's LDAP, SMTP, IMAP, POP3,
and HTTP processes. The IBM Domino Application Server's parent process
"/opt/ibm/domino/notes/latest/linux/server" runs as a Service Account
or a normal non-admin user, that launches "bindsock"and others like
"http", "ldap"....
In the Live Domino Console we're seeing the Application Server report:
"Listener failure: 'bindsock' is missing, not executable, not owned by root, not setuid root or user needs net_privaddr privilege."
Another thing in the Live Domino Console, which is unusual is:
"Error_CmdToDo_INVAL"... might be an IBM thang.
A number of us have to hold back the kernel now and there's lots of scratching going on.
http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=485F5F092833BCBE85257C33006AC7A3
It does seem to be limited to IBM Domino's "bindsock" binary and other
things are just fine, such as Nginx.
I have attached some files within the zip "ibm-domino-bindsock_strace.zip"
>>bindsock_binary_strace.txt
This is just running strace against the binary that isn't running in any process.
>> domino-server-pid1052_strace-f.txt
The IBM Domino Application Server ("/opt/ibm/domino/notes/latest/linux/server") is running as PID 1052 so this is what I applied "strace -f" to and towards the end, I told "server" to start the "http" process ("l http") which would then try launch "bindsock" (I hope).
Hopeully this first attempt at strace provides some good info for you
kind folks :-)
Many thanks
MR
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: linux-image-3.5.0-45-generic 3.5.0-45.68~precise1
ProcVersionSignature: Ubuntu 3.5.0-45.68~precise1-generic 3.5.7.26
Uname: Linux 3.5.0-45-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.25.
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: [Errno 2] No such file or directory
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info: Error: [Errno 2] No such file or directory
Card0.Amixer.values: Error: [Errno 2] No such file or directory
Date: Tue Jan 14 15:33:47 2014
HibernationDevice: RESUME=UUID=474adefd-59c4-4582-8d03-3c570137809d
InstallationMedia: Ubuntu-Server 12.04.2 LTS "Precise Pangolin" - Release amd64 (20130214)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb:
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
MarkForUpload: True
ProcEnviron:
SHELL=/bin/bash
TERM=xterm
PATH=(custom, no user)
LANG=en_GB.UTF-8
LANGUAGE=en_GB:en
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-45-generic root=UUID=a2842a37-9023-4e21-8460-a565465b7f67 ro
RelatedPackageVersions:
linux-restricted-modules-3.5.0-45-generic N/A
linux-backports-modules-3.5.0-45-generic N/A
linux-firmware 1.79.9
RfKill: Error: [Errno 2] No such file or directory
SourcePackage: linux-lts-quantal
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
break-fix: 1661bf364ae9c506bc8795fef70d1532931be1e8
db31c55a6fb245fdbb752a2ca4aefec89afabb06
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1269053/+subscriptions
References