Ubuntu
pcs package

pcsd does only bind to IPv6

Bug #1580045 reported by Tommy Giesler on 2016-05-10

This bug affects 10 people

	Status	Importance	Assigned to
pcs (Ubuntu)	Fix Released	Medium	Unassigned
Xenial	Fix Released	Medium	Rafael David Tinoco
Yakkety	Fix Released	Medium	Unassigned
Zesty	Fix Released	Medium	Unassigned

Bug Description

[Impact]

* PCS doesn't listen to IPv4 by default.

[Test Case]

* Install PCS and check netstat.

[Regression Potential]

* Stop listening on IPv6 also.
* Almost none.

[Other Info]

* Fixing LP: #1580045 in SRU for LP: #1640919.

[Original Description]

Greetings,

pcsd does only bind to IPv6 instead of IPv4 and IPv6, if it is started on a machine, which has active IPv6 support.

----------------->%-----------------
lsb_release -rd
Description: Ubuntu 16.04 LTS
Release: 16.04
-----------------%<-----------------
apt-cache policy pcs
pcs:
  Installed: 0.9.149-1
  Candidate: 0.9.149-1
  Version table:
*** 0.9.149-1 500
        500 http://mirror.hetzner.de/ubuntu/packages xenial/universe amd64 Packages
        500 http://de.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
        100 /var/lib/dpkg/status
----------------->%-----------------
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:a2:01:54:c6 brd ff:ff:ff:ff:ff:ff
    inet 172.31.1.100/24 brd 172.31.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:a2ff:fe01:54c6/64 scope link
       valid_lft forever preferred_lft forever
-----------------%<-----------------

By default it should bind to all available IPv4 and IPv6 interfaces. Instead it only bind to the IPv6:
----------------->%-----------------
netstat -ap |grep ruby
tcp6 0 0 [::]:2224 [::]:* LISTEN 12430/ruby
-----------------%<-----------------

After changing the following in the /usr/share/pcsd/ssl.rb, it binds to IPv4 and IPv6:
----------------->%-----------------
# diff /usr/share/pcsd/ssl.rb /usr/share/pcsd/ssl.rb.bak
50,51c50,51
< :BindAddress => 'nil',
< :Host => '*',
---
> :BindAddress => '::',
> :Host => '::',
-----------------%<-----------------
netstat -ap |grep ruby
tcp 0 0 *:2224 *:* LISTEN 12465/ruby
tcp6 0 0 [::]:2224 [::]:* LISTEN 12465/ruby
----------------->%-----------------

See original description

Tags:

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-05-10:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in pcs (Ubuntu):
status:	New → Confirmed

Revision history for this message

Valentin Vidic (vvidic) wrote on 2016-06-27:

This issue has been patched in the Debian package 0.9.151-1, so you can check if it works on Ubuntu now. The upstream is also tracking this issue here: https://github.com/ClusterLabs/pcs/issues/51

Rafael David Tinoco (rafaeldtinoco) on 2016-11-14

Changed in pcs (Ubuntu):
assignee:	nobody → Rafael David Tinoco (inaddy)

Revision history for this message

Rafael David Tinoco (rafaeldtinoco) wrote on 2016-11-15:

The following issue:

https://github.com/ClusterLabs/pcs/issues/51

Was discussed resulting in upstream patch:

http://paste.ubuntu.com/23477995/

Already backported by debian:

* Fix pcsd listening on IPv6 only.

Since it was added in release 0.9.151-1, this bug is affecting only pcs | 0.9.149-1 | xenial/universe and not yakkety (or devel).

Changed in pcs (Ubuntu):
importance:	Undecided → Medium

Revision history for this message

Rafael David Tinoco (rafaeldtinoco) wrote on 2016-12-06:

Cases:

https://bugs.launchpad.net/ubuntu/+source/pcs/+bug/1580035
https://bugs.launchpad.net/ubuntu/+source/pcs/+bug/1580045
https://bugs.launchpad.net/ubuntu/+source/pcs/+bug/1640923
https://bugs.launchpad.net/ubuntu/+source/pcs/+bug/1640919

Are all being fixed into:

https://bugs.launchpad.net/ubuntu/+source/pcs/+bug/1640919
(check this case for the SRU proposal/patches)

Rafael David Tinoco (rafaeldtinoco) on 2016-12-09

description:

updated

Mattia Rizzolo (mapreri) on 2016-12-10

Changed in pcs (Ubuntu Zesty):
status:	Confirmed → Fix Released
assignee:	Rafael David Tinoco (inaddy) → nobody
Changed in pcs (Ubuntu Yakkety):
status:	New → Fix Released
importance:	Undecided → Medium
Changed in pcs (Ubuntu Xenial):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Rafael David Tinoco (inaddy)

Revision history for this message

Brian Murray (brian-murray) wrote on 2016-12-15: Please test proposed package

Hello Tommy, or anyone else affected,

Accepted pcs into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pcs/0.9.149-1ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in pcs (Ubuntu Xenial):
status:	In Progress → Fix Committed
tags:	added: verification-needed

Revision history for this message

Felipe Reyes (freyes) wrote on 2017-01-03:

The package available in xenial-updates does bind correctly to tcp and tcp6 . Evidence -> http://pastebin.ubuntu.com/23735727/

tags:

added: verification-done-xenial

Felipe Reyes (freyes) on 2017-01-04

tags:

added: verification-done
removed: verification-needed

Felipe Reyes (freyes) on 2017-01-04

tags:

added: sts

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-01-05:

This bug was fixed in the package pcs - 0.9.149-1ubuntu1

---------------
pcs (0.9.149-1ubuntu1) xenial; urgency=medium

  * Patch d/p/0006-Replace-orderedhash.patch added by Debian (LP: #1580035)
    Orderedhash gem can't be used due to licensing issues.
    Dependency package orderedhash replaced by activesupport.
    The daemon was not functional in Xenial before this.
  * Patch d/p/0007-Fix-IPv6-bind.patch (LP: #1580045)
    The daemon was being initialized listening only for IPv6 protocol.
  * Patch d/p/0008-Find-on-specific-directories-only.patch (LP: #1640919)
    Cleaning files when destroying a cluster was taking too long in /var/lib.
    Specifying /var/lib/pacemaker for "finding" leftovers solves the issue.

-- Rafael David Tinoco <email address hidden> Fri, 09 Dec 2016 03:07:25 +0000

Changed in pcs (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Brian Murray (brian-murray) wrote on 2017-01-05: Update Released

The verification of the Stable Release Update for pcs has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.