Bug 214063 - xend doesn't start if xen-http-server is enabled
Summary: xend doesn't start if xen-http-server is enabled
Alias: None
Product: Fedora
Classification: Fedora
Component: xen   
(Show other bugs)
Version: 6
Hardware: All Linux
Target Milestone: ---
Assignee: Xen Maintainance List
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2006-11-05 11:16 UTC by Sven Oehme
Modified: 2008-08-02 23:40 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-11-23 14:17:56 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Sven Oehme 2006-11-05 11:16:47 UTC
Description of problem:

when you enable http-server in /etc/xen/xend-config.sxp (change xend-http-server
to yes) xend does no longer start

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
1. enable xend-http-server 
2. stop xend
3. start xend
Actual results:

the start command never comes back 

Expected results:

star should come back and web interafce should be available 

Additional info:

Comment 1 Daniel Berrange 2006-11-22 16:21:28 UTC
The 'xen-http-server' option opens a TCP port on all network interfaces and
performs no authentication on incoming connections. This allows anyone on the
network to create/stop/manage  guest domainson the hsot in question. This
obviously a huge security hole - on a par with running telnet server with no
password - thus disabled by default in the XenD config, and denied by the
SELinux policy even if the XenD config is turned on.

Comment 2 Sven Oehme 2006-11-22 16:52:34 UTC
i can set ip table ruls to block not wanted connections, but selinux is disabled
in my environement and xend doesn't start either as soon as i change this
parameter in xenconfig. so this is still a bug . 

Comment 3 Daniel Berrange 2006-11-22 17:07:14 UTC
Ok, can you upload the XenD server/startup logs


And also check to see if any other process is listening on the XenD port (8000),
with something like:

  netstat -t -a -n -p | grep LISTEN | grep 8000

Comment 4 Sven Oehme 2006-11-23 14:17:56 UTC
ok, got the problem, i have the nasd - Network Audio System server installed who
is listening on port 8000, after changing the port to 8080 it works now.

the default port for xen should be moved  to another free availlable if this
service will be anabled in the future. i close the bug ..

Note You need to log in before you can comment on or make changes to this bug.