kernel-packages team mailing list archive

Thread
Date

[Bug 1335478] Re: A new instance of IBM Domino 'bindsock' cannot bind to ports <1024 Kernel 3.13.0-29 and above

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Ben Erickson <bugs@xxxxxxxxxxxxxxxxxx>
Date: Fri, 16 Jan 2015 15:42:44 -0000
Reply-to: Bug 1335478 <1335478@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I pushed a little harder with IBM and found out that an SPR (Software
Problem Report) has been opened for the issue on SUSE 12, which also
exhibits the same behavior:

SPR # YXYX9RA56Z "Error - Unable to Bind port 443 or 80" on SUSE12.

My representative quoted one of the developers as saying:

"There is a known issue with SLES 12 where bindsock has issues. Before
we can support SLES 12 and any other newer kernel with this issue, we
will have to identify the issue and get it fixed - bindsock and it's
code has never changed in this area so the issue is a change in behavior
in the kernel".

So, there is hope that there may be a future fixpack(s)(9.0.1 FP3?)
where the issue may be addressed on the bindsock side. But, as one of my
favorite quotes goes,

"Hope? Let me tell you something, my friend. Hope is a dangerous thing.
Hope can drive a man insane. It's got no use on the inside. You'd better
get used to that idea." -Red, Shawshank Redemption

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1335478

Title:
  A new instance of IBM Domino 'bindsock' cannot bind to ports <1024
  Kernel  3.13.0-29 and above

Status in linux package in Ubuntu:
  Fix Released
Status in linux-lts-trusty package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux source package in Lucid:
  Fix Released
Status in linux-lts-trusty source package in Lucid:
  Invalid
Status in linux-lts-utopic source package in Lucid:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux-lts-trusty source package in Precise:
  Fix Released
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux source package in Trusty:
  Fix Released
Status in linux-lts-trusty source package in Trusty:
  Invalid
Status in linux-lts-utopic source package in Trusty:
  Fix Released
Status in linux source package in Utopic:
  Fix Released
Status in linux-lts-trusty source package in Utopic:
  Invalid
Status in linux-lts-utopic source package in Utopic:
  Invalid
Status in linux source package in Vivid:
  Fix Released
Status in linux-lts-trusty source package in Vivid:
  Invalid
Status in linux-lts-utopic source package in Vivid:
  Invalid

Bug description:
  Starting  with kernels  3.2.0-64 and 3.13.0-29  Something has changed
  to once again that prevents IBM Domino's
  "/opt/ibm/domino/notes/latest/linux/bindsock" binary that runs as root
  (setuid) to get ports lower than 1024 for it's LDAP, SMTP, IMAP, POP3,
  and HTTP processes.

  The Domino server reports  the following: :
    "Listener failure: 'bindsock' is missing, not executable, not owned by root, not setuid root or user needs net_privaddr privilege."

  This is the same behaviour that was reported and subsequently
  corrected in Bug # 1269053

  ===
  break-fix: dbb490b96584d4e958533fb637f08b557f505657 6a2a2b3ae0759843b22c929881cc184b00cc63ff

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1335478/+subscriptions