Bug 214063

Summary: xend doesn't start if xen-http-server is enabled
Product: [Fedora] Fedora Reporter: Sven Oehme <oehmes>
Component: xenAssignee: Xen Maintainance List <xen-maint>
Status: CLOSED NOTABUG QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: bstein, katzj
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-11-23 09:17:56 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Sven Oehme 2006-11-05 06:16:47 EST
Description of problem:

when you enable http-server in /etc/xen/xend-config.sxp (change xend-http-server
to yes) xend does no longer start

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
1. enable xend-http-server 
2. stop xend
3. start xend
Actual results:

the start command never comes back 

Expected results:

star should come back and web interafce should be available 

Additional info:
Comment 1 Daniel Berrange 2006-11-22 11:21:28 EST
The 'xen-http-server' option opens a TCP port on all network interfaces and
performs no authentication on incoming connections. This allows anyone on the
network to create/stop/manage  guest domainson the hsot in question. This
obviously a huge security hole - on a par with running telnet server with no
password - thus disabled by default in the XenD config, and denied by the
SELinux policy even if the XenD config is turned on.
Comment 2 Sven Oehme 2006-11-22 11:52:34 EST
i can set ip table ruls to block not wanted connections, but selinux is disabled
in my environement and xend doesn't start either as soon as i change this
parameter in xenconfig. so this is still a bug . 
Comment 3 Daniel Berrange 2006-11-22 12:07:14 EST
Ok, can you upload the XenD server/startup logs


And also check to see if any other process is listening on the XenD port (8000),
with something like:

  netstat -t -a -n -p | grep LISTEN | grep 8000
Comment 4 Sven Oehme 2006-11-23 09:17:56 EST
ok, got the problem, i have the nasd - Network Audio System server installed who
is listening on port 8000, after changing the port to 8080 it works now.

the default port for xen should be moved  to another free availlable if this
service will be anabled in the future. i close the bug ..