594513 – Tomcat's ports listen on all interfaces

Bug 594513 - Tomcat's ports listen on all interfaces

Summary: Tomcat's ports listen on all interfaces

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite 5
Classification:	Red Hat
Component:	WebUI
Sub Component:
Version:	530
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Jan Pazdziora (Red Hat)
QA Contact:	Martin Minar
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	sat540-canfix
TreeView+	depends on / blocked

Reported:	2010-05-20 21:41 UTC by Justin Sherrill
Modified:	2016-07-04 00:55 UTC (History)
CC List:	4 users (show)
Fixed In Version:	spacewalk-setup-1.2.5-1
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-10-28 14:59:58 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Justin Sherrill 2010-05-20 21:41:20 UTC

Currently the default configuration is for tomcat to listen on all interfaces for port 8080 and 8009, but this isn't needed.

We need to change it in teh installer to just listen on localhost, especially now that we are moving the stored procs to a localhost accessible xmlrpc handler.

Comment 1 Jan Pazdziora (Red Hat) 2010-08-31 15:21:10 UTC

Addressed in Spacewalk master, 78a69fafa3e3d97535cf7efb6727bb26198d8bfe.

Comment 2 Jan Pazdziora (Red Hat) 2010-08-31 15:22:41 UTC

One way to verify the fix is to run

ps axuw | grep tomcat | awk '{ print $2 }' | while read i ; do lsof -nPp $i ; done | grep TCP

and check that all TCP LISTENs have 127.0.01 and not a star (*) there.

Comment 5 Michael Mráka 2010-10-20 14:33:07 UTC

Verified in stage.

[root@hp-bl685cg6-01 ~]# ps axuw | grep tomcat | awk '{ print $2 }' | while read i ; do lsof -nPp $i ;
> done | grep TCP
java    18064 tomcat  144u  IPv6 749937               TCP 127.0.0.1:8080 (LISTEN)
java    18064 tomcat  145u  IPv6 749935               TCP [::1]:51389->[::1]:58126 (FIN_WAIT2)
java    18064 tomcat  146u  IPv6 749936               TCP [::1]:58126->[::1]:51389 (CLOSE_WAIT)
java    18064 tomcat  148u  IPv6 750227               TCP 127.0.0.1:8009 (LISTEN)
java    18064 tomcat  150u  IPv6 750229               TCP 127.0.0.1:8005 (LISTEN)
java    18064 tomcat  152u  IPv4 872280               TCP 127.0.0.1:34396->127.0.0.1:1521 (ESTABLISHED)
java    18064 tomcat  154u  IPv4 872291               TCP 127.0.0.1:34397->127.0.0.1:1521 (ESTABLISHED)
java    18064 tomcat  156u  IPv4 872302               TCP 127.0.0.1:34398->127.0.0.1:1521 (ESTABLISHED)
java    18064 tomcat  158u  IPv4 872313               TCP 127.0.0.1:34399->127.0.0.1:1521 (ESTABLISHED)
java    18064 tomcat  160u  IPv4 872324               TCP 127.0.0.1:34400->127.0.0.1:1521 (ESTABLISHED)

Comment 6 Clifford Perry 2010-10-28 14:55:05 UTC

The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. 


RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332

RHEA-2010:0803 - RHN Tools enhancement update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333

RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334

RHEA-2010:0800 - RHN Satellite Server 5.4.0
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335

Docs are available:

http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html 

Regards,
Clifford

Note You need to log in before you can comment on or make changes to this bug.