Bug 450941

Summary:

Does not do in-use port detection properly

Product:

[Retired] 389

Reporter:

Rob Crittenden <rcritten>

Component:

Install/Uninstall

Assignee:

Rich Megginson <rmeggins>

Status:

CLOSED CURRENTRELEASE

QA Contact:

Viktor Ashirov <vashirov>

Severity:

low

Docs Contact:

Priority:

low

Version:

1.1.0

CC:

andrey.ivanov

Target Milestone:

---

Keywords:

VerifiedUpstream

Target Release:

---

Hardware:

All

OS:

Linux

Whiteboard:

Fixed In Version:

Doc Type:

Bug Fix

Doc Text:

Story Points:

---

Clone Of:

Environment:

Last Closed:

2015-12-07 16:54:45 UTC

Type:

---

Regression:

---

Mount Type:

---

Documentation:

---

CRM:

Verified Versions:

Category:

---

oVirt Team:

---

RHEL 7.3 requirements from Atomic Host:

Cloudforms Team:

---

Target Upstream Version:

Embargoed:

Bug Depends On:

Bug Blocks:

249650, 442454, 452721

Attachments:

Description	Flags
diffs	none
cvs commit log	none

Description Rob Crittenden 2008-06-11 20:17:36 UTC

Description of problem:

The DS installer checks to see if the requested ports are in-use before
continuing the installation (Util.pm::portAvailable). It does not set
SO_REUSEADDR so incorrectly detects as in-use ports that otherwise should be
available.

Version-Release number of selected component (if applicable):

fedora-ds-base-1.1.1-1.fc7

Steps to Reproduce:

I'm testing this in the context of the ipa project, so using those tools:

1. ipa-server-install
2. kinit admin
3. ipa-server-install --uninstall -U
4. ipa-server-install

After the uninstall there will be a number of sockets in TIME_WAIT and FIN_WAIT2.

Comment 1 Chandrasekar Kannan 2008-06-17 13:24:25 UTC

Wait for a couple of minutes after uninstall and then try install again.

Comment 2 Rich Megginson 2008-07-08 21:13:17 UTC

*** Util.pm.in.~1.16.~	2007-12-17 16:49:50.000000000 -0700
--- Util.pm.in	2008-07-08 15:11:15.000000000 -0600
***************
*** 78,83 ****
--- 78,84 ----
      my $proto = getprotobyname('tcp');
      my $rc = socket(SOCK, PF_INET, SOCK_STREAM, $proto);
      if ($rc == 1) {
+         setsockopt(SOCK, SOL_SOCKET, SO_REUSEADDR, 1);
          $rc = bind(SOCK, sockaddr_in($port, INADDR_ANY));
      }
      close(SOCK);

Comment 3 Rich Megginson 2008-07-14 16:41:40 UTC

Created attachment 311729 [details]
diffs

Comment 4 Rich Megginson 2008-07-14 23:26:33 UTC

Created attachment 311787 [details]
cvs commit log

Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: Set SO_REUSEADDR to make sure the port is really available.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no

Comment 5 Michael Gregg 2009-04-16 00:18:52 UTC

It appears that this bug still exists:

ipa-server-install:
Setup complete
Next steps:
Be sure to back up the CA certificate stored in /etc/dirsrv/slapd-DSDEV-SJC-REDHAT-COM/cacert.p12
The password for this file is in /etc/dirsrv/slapd-DSDEV-SJC-REDHAT-COM/pwdfile.txt

[root@localhost ~]# kinit admin
Password for admin.REDHAT.COM: 

[root@localhost ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin.REDHAT.COM
Valid starting     Expires            Service principal
04/15/09 18:20:40  04/16/09 18:20:37  krbtgt/DSDEV.SJC.REDHAT.COM.REDHAT.COM
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

[root@localhost ~]# ipa-server-install --uninstall -U

[root@localhost ~]# ipa-server-install 

The log file for this installation can be found in /var/log/ipaserver-install.log
==============================================================================
This program will setup the FreeIPA Server.

This includes:
  * Configure the Network Time Daemon (ntpd)
  * Create and configure an instance of Directory Server
  * Create and configure a Kerberos Key Distribution Center (KDC)
  * Configure Apache (httpd)
  * Configure TurboGears

To accept the default shown in brackets, press the Enter key.

IPA requires ports 389 and 636 for the Directory Server.
These are currently in use:
	389

Comment 6 Michael Gregg 2009-04-16 00:49:24 UTC

tested against  

rpm -qa ipa-server
ipa-server-1.2.1-1.fc9.x86_64

Comment 7 Rob Crittenden 2009-04-16 00:51:41 UTC

We had to adjust the IPA port detection routines to match the DS ones so we could detect the unavailable port early on and not fail during ds-setup. It could be that this is a false-alarm.

Comment 8 Rich Megginson 2009-09-21 19:47:45 UTC

I would like to either close this bug or move it to freeipa - ok?

Comment 9 Rob Crittenden 2009-09-23 13:35:05 UTC

The DS part should be testable using setup-ds.pl I think. Rich, correct me if I'm wrong, but I think the process would be:

- setup-ds.pl
- run some queries against server
- remove-ds.pl
- setup-ds.pl (should not fail)

I think it would be best for tracking to open a separate bug against IPA.

Comment 10 Rich Megginson 2009-09-23 14:16:26 UTC

(In reply to comment #9)
> The DS part should be testable using setup-ds.pl I think. Rich, correct me if
> I'm wrong, but I think the process would be:
> 
> - setup-ds.pl
> - run some queries against server
> - remove-ds.pl
> - setup-ds.pl (should not fail)

Correct.
> 
> I think it would be best for tracking to open a separate bug against IPA.

Comment 11 Rich Megginson 2009-09-25 17:48:28 UTC

ok - closing - please open a separate IPA BUG