Bug 1306729
Summary: | Glusterfs/Glusterd blocking root ports ( 1-1024 ) | ||
---|---|---|---|
Product: | [Community] GlusterFS | Reporter: | customercare |
Component: | rpc | Assignee: | Raghavendra G <rgowdapp> |
Status: | CLOSED NEXTRELEASE | QA Contact: | |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.6.8 | CC: | amukherj, barumuga, bugs, humble.devassy, joe, jonathansteffan, kaushal, lmohanty, ndevos |
Target Milestone: | --- | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-08-23 12:57:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
customercare
2016-02-11 16:40:49 UTC
You can extend the ordering of your systemd services with dropins, for instance dovecot comes with a dovecot.socket file which opens the tcp ports for imap and imaps. You can tell the glusterd.service file to wait for dovecot.socket to be started first with a drop-in: /etc/systemd/system/glusterd.service.d/10-waitfor_dovecot_socket [Unit] After=dovecot.socket IMHO, that's the best way to handle this particular problem. You should also be able to use net.ipv4.ip_local_reserved_ports in /etc/sysctl.conf, ie. "net.ipv4.ip_local_reserved_ports = 143, 993, 443, 25, 587" for instance. This bug is being closed as GlusterFS-3.6 is nearing its End-Of-Life and only important security bugs will be fixed. This bug has been fixed in more recent GlusterFS releases. If you still face this bug with the newer GlusterFS versions, please open a new bug. Since GlusterFS-3.7.3, Gluster defaults to using insecure ports (ie. ports > 1024). This issue should no longer happen in newer GlusterFS releases. |