rpcbind grabs ports used by other daemons such as cupsd

Please attach your /etc/cups/cupsd.conf

I have same problem on Ubuntu 8.10, too. Here is my cupsd.conf

Same problem here on Ubuntu 8.10. I think that this problem was caused by an update of cups (this week). Please note that I have intrepid-proposed repository enabled. I have attached ny cupsd.conf as well. Please let me know if you need more info.

I have cups 1.3.9-2ubuntu5 (intrepid-proposed)

Any fix? This is a really stupid bug. I cannot print with evince.

Alex, cups 1.3.9-2ubuntu5 is completel;y broken, please update to cups 1.3.9-2ubuntu6 (if not yet in -updates from -proposed).

If you reboot your machine, does it really not start up CUPS?

Before rebooting, please edit /etc/cups/cupsd.conf, so that it has a line

LogLevel debug

and no other "LogLevel" line.

After rebooting check whether CUPS is running by executing the command "lpstat -p". If CUIPS is not running, post you /var/log/cups/error_log file.

I have the same problem with Ubuntu Server 8.10. I have attached my cupsd.conf.

Can you post the output of

sudo lsof -i :631

Is there anything else than cupsd listed? Can you kill all the listed processes, check whether no new processes come up and then start CUPS with

sudo /etc/init.d/cups start

Does CUPS start up, are you able to print?

Does CUPS start up again when you reboot? If not, do

sudo lsof -i :631

and post the output here.

If you do not have lsof on your system, do

sudo apt-get install lsof

Trapanator, if you cannot print from evince but from any other program, then your problem is not this bug. In this bug users are complaining that CUPS does not start because something is blocking the CUPS port 631. In this case printing will not work from any application.

here is my lsof:

trap@dell:~$ sudo lsof -i :631

COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cupsd 4589 root 3u IPv4 42507 TCP localhost:ipp (LISTEN)

and now?

alvin@xanthippe:~$ sudo lsof -i :631
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cupsd 5115 root 3u IPv4 27358 TCP localhost:ipp (LISTEN)

Cups actually works. The message is just plain wrong. If cups is not started, the port is not in use.

So Alvin and Trapanator, you should be able to print. If not, your problem is something else.

Like I reported originally, cupsd is started like it should be. Still, this error message appears and we can't have false errors now, can we?

(I do have trouble printing, but not with every printer, so this is not related)

The problem has been fixed with the 1.3.9-2ubuntu6 update. Thanks.

I have upgraded to 1.3.9-2ubuntu6 on my server, but I still have this problem.

When I run the lsof -i :631 command I get no output at all. Can it be that my problem is a different one?

svsig, can you check whether CUPS is running ("lpstat -r", "ps auxwww | grep cupsd")?

Did you call the lsof command with the "sudo" in the beginning?

sudo lsof -i :631

Please edit /etc/cups/cupsd.conf, so that it has a line

LogLevel debug

and no other "LogLevel" line.

Then do

sudo /etc/init.d/cups stop
sudo /etc/init.d/cups start

Then post your /var/log/cups/error_log file here.

When I execute "lpstat -r" I get the response:
"scheduler is running"

When I execute "ps auxwww | grep cupsd" I get the response:
"root 4189 0.0 0.1 6408 2340 ? Ss 10:05 0:00 /usr/sbin/cupsd"

I am logged on as root, so I didn't use sudo here. I tried the same logged on with my ordinary account just for the record, but I got the same result here using sudo.

My error_log file is quite long now, so I removed most of it leaving only the output from the last restart process. There seems to be one error message here:
"Unable to bind socket for address 10.0.0.145:631 - Cannot assign requested address."

The IP address 10.0.0.145 is the client machine that I have been trying to access the CUPS web interface from. I changed the cupsd.conf file according to the how-to I was following. This file I have attached in a previous comment.

I notice the file says printers=0. I suppose this is the number of printers attached. I have a HP LaserJet 1100 attached to my server.

svsig, what exactly is not working for you? Can you print from the server? Can you print from the client? Can you ping the client from the server? What is the output of "nmap 10.0.0.145" (nmap package). What is the output of ifconfig on your server? What is the output of ifconfig on your client? Why did you comment out "Listen 127.0.0.1:631"? Can you Reactivate this line?

My problem is that I can't access the CUPS web interface on the server from a client. The server seems to be OK otherwise. I have installed LAMP server, MediaWiki and Tomcat amongst other things, and these are working fine. But when I try to access the CUPS web interface I get the error message:
Failed to Connect
Firefox can't establish a connection to the server at 10.0.0.201:631.

Both machines are connected to the network and seems to be working fine otherwise.

Here is the output from the "nmap 10.0.0.145" command:
Starting Nmap 4.62 ( http://nmap.org ) at 2009-01-11 13:18 CET
Interesting ports on sveinung1 (10.0.0.145):
Not shown: 1712 closed ports
PORT STATE SERVICE
80/tcp open http
111/tcp open rpcbind
443/tcp open https
MAC Address: 00:1E:8C:0A:F8:E6 (Asustek Computer)

Nmap done: 1 IP address (1 host up) scanned in 0.172 seconds

Here is the output of ifconfig on the server:
eth0 Link encap:Ethernet HWaddr 00:1f:d0:0a:c7:34
          inet addr:10.0.0.201 Bcast:255.255.255.255 Mask:255.255.255.0
          inet6 addr: fe80::21f:d0ff:fe0a:c734/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:8024 errors:0 dropped:2235526125 overruns:0 frame:0
          TX packets:5209 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:611143 (611.1 KB) TX bytes:755856 (755.8 KB)
          Interrupt:221 Base address:0x6000

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:1827 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1827 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:156063 (156.0 KB) TX bytes:156063 (156.0 KB)

Here is the output of ifconfig on the client:
eth0 Link encap:Ethernet HWaddr 00:1e:8c:0a:f8:e6
          inet addr:10.0.0.145 Bcast:255.255.255.255 Mask:255.255.255.0
          inet6 addr: fe80::21e:8cff:fe0a:f8e6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:24817 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21543 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5125350 (5.1 MB) TX bytes:2181559 (2.1 MB)
          Interrupt:18

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:73 errors:0 dropped:0 overruns:0 frame:0
          TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7278 (7.2 KB) TX bytes:7278 (7.2 KB)

I have tried to reactivate the Listen localhost:631 line, but the error is the same. I have attached the new output from error_log.

Do you have some firewall on the server or on the client? Perhaps this blocks the CUPS communication.

Is the complete web interface inaccessible for you, or only the admin parts, or even only doing changes (like server settings, adding/modifying print queues)?

I have no firewalls installed, at least not that I know of. And as I can reach web pages both in apache through port 80 and in Tomcat through port 8080 I should be able to reach CUPS through port 631 as far as I can see. The whole web interface is inaccessible, I can't reach it at all. When I try I get the error message:

Firefox can't establish a connection to the server at 10.0.0.201:631

I upgraded to 1.3.9-2ubuntu6, but I cannot print on my PC. The printer is connected through to my PC.

Note that I have problem only with Evince, but with OpenOffice I can print.

I think I solved the problem now. I also placed a question on ubuntuforums.org, and I got a tip here. What I did was replace the lines

Listen localhost:631
Listen 10.0.0.145:631

with the line

Listen 0.0.0.0:631

in the cupsd.conf file.

Now I can access the CUPS web interface on my server from a client machine in the network.

Well, to solve this, /etc/cups/cupsd.conf has to be changed:
- Listen localhost:631
+ Listen 127.0.0.1:631

/etc/cups/cupsd.conf.default should be adapted too.

(Actually, I don't know why localhost wouldn't be ok.)

This is still happening to me on Ubuntu 8.10 Server, cups installed after-the-fact.

Everything is up-to-date and I can't find a working fix from the above posts.

Running,

$ sudo tasksel install print-server

doesn't seem to help either.

And sorry to triple post, but my error log is filling up like this:

$ tail /var/log/cups/error_log
E [15/Feb/2009:13:05:47 -0500] Unable to bind socket for address 127.0.0.1:631 - Address already in use.

And to quadruple post (you guys are going to love me), accessing http://192.168.1.102:631 still does not work after:

$ sudo cp -p /etc/cups/cupsd.conf.default /etc/cups/cupsd.conf
$ sudo tasksel install print-server
$ sudo /etc/init.d/cups start
 * Starting Common Unix Printing System: cupsd [ OK ]
$ sudo lsof -i :631
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cupsd 5932 root 2u IPv4 1647526 TCP localhost:ipp (LISTEN)
$ sudo kill -9 5932
$ sudo /etc/init.d/cups start
 * Starting Common Unix Printing System: cupsd [ OK ]
$ sudo lsof -i :631
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cupsd 5950 root 2u IPv4 1648352 TCP localhost:ipp (LISTEN)
$ sudo tail -n 1 /var/log/cups/error_log
E [15/Feb/2009:13:07:31 -0500] Unable to bind socket for address 127.0.0.1:631 - Address already in use.

The problem is that other daemon grab this port before cupsd gets a chance, typcally rpc. See:
https://bugzilla.redhat.com/show_bug.cgi?id=103401

Work around:
lsof -i :631
stop or kill the process, restart cups

long term solution:
I guess distros should ensure processes use different port number.

Note:
The same problem happens on a workstation that try to browse for remote printers (cupsctl --remote-printers), you don't get an error, but "lpstat -a" doesn't show remote printers.

Re: #32
  Cups and other processes expect to be able to assign their configured ports, But rpcbind / portmap etc. assign ports randomly.
e.g.: http://www.linuxproblem.org/art_13.html

This bug has just hit me, with a deadline to print and no way to reboot the computer without losing work.
It took a lot of debugging before I stumbled upon the article above, and I've been using linux since it came on two floppies. The problem has been noted in redhat, suse, even BSD.

I propose a solution: rpcbind should NOT assign random ports, it should assign random *unallocated* ports (i.e. it should
make a list of things listed in /etc/services and avoid those ports.)

Hello Alvin, or anyone else affected,

Accepted rpcbind into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/rpcbind/0.2.3-0.6ubuntu0.18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

bionic verification:

ubuntu@lp304393-b:~$ dpkg -l|grep rpcbind
ii rpcbind 0.2.3-0.6 amd64 converts RPC program numbers into universal addresses
ubuntu@lp304393-b:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 0.0.0.0:788 0.0.0.0:* 13332/rpcbind

after upgrade, same default behavior:

ubuntu@lp304393-b:~$ dpkg -l|grep rpcbind
ii rpcbind 0.2.3-0.6ubuntu0.18.04.1 amd64 converts RPC program numbers into universal addresses
ubuntu@lp304393-b:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-b:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 0.0.0.0:707 0.0.0.0:* 14099/rpcbind

with parameter set, random port is disabled:

ubuntu@lp304393-b:~$ cat /etc/default/rpcbind
RPCBIND_RMTCALL_DEFAULT_DISABLED=1

ubuntu@lp304393-b:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-b:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
ubuntu@lp304393-b:~$

with param commented, default behavior restored:

ubuntu@lp304393-b:~$ cat /etc/default/rpcbind
#RPCBIND_RMTCALL_DEFAULT_DISABLED=1

ubuntu@lp304393-b:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-b:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 0.0.0.0:877 0.0.0.0:* 14269/rpcbind

The Ubuntu Xenial SRU looks fine in principle but is currently blocked until the previous SRU is released. I've not reviewed this in detail yet.

This bug was fixed in the package rpcbind - 0.2.3-0.6ubuntu0.18.04.1

---------------
rpcbind (0.2.3-0.6ubuntu0.18.04.1) bionic; urgency=medium

  * d/rules: force dh_autoreconf to fix FTBFS (LP: #1885389)
  * d/p/lp304393/0001-rpcbind-Disable-remote-calls-by-default.patch,
    d/p/lp304393/0002-rmt-calls.patch,
    d/p/lp304393/0003-change-rmtcalls-default-to-enabled.patch:
    - Allow disabling rmtcalls port binding (LP: #304393)

 -- Dan Streetman <email address hidden> Tue, 04 Aug 2020 17:17:50 -0400

The verification of the Stable Release Update for rpcbind has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Hello Alvin, or anyone else affected,

Accepted rpcbind into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/rpcbind/0.2.3-0.2ubuntu0.16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

ubuntu@lp304393-x:~$ dpkg -l|grep rpcbind
ii rpcbind 0.2.3-0.2ubuntu0.1 amd64 converts RPC program numbers into universal addresses
ubuntu@lp304393-x:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 *:927 *:* 13471/rpcbind

same default behavior after upgrade:

ubuntu@lp304393-x:~$ dpkg -l|grep rpcbind
ii rpcbind 0.2.3-0.2ubuntu0.16.04.1 amd64 converts RPC program numbers into universal addresses
ubuntu@lp304393-x:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-x:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 *:625 *:* 14441/rpcbind

with parameter added, random port disabled:

ubuntu@lp304393-x:~$ cat /etc/default/rpcbind
RPCBIND_RMTCALL_DEFAULT_DISABLED=1

ubuntu@lp304393-x:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-x:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
ubuntu@lp304393-x:~$

with parameter commented, default behavior restored:

ubuntu@lp304393-x:~$ cat /etc/default/rpcbind
#RPCBIND_RMTCALL_DEFAULT_DISABLED=1

ubuntu@lp304393-x:~$ sudo systemctl restart rpcbind
ubuntu@lp304393-x:~$ sudo netstat --inet -p -l | grep rpcbind | grep -v sunrpc
udp 0 0 *:660 *:* 14476/rpcbind

note there is only one xenial reverse-dep autopkgtest failure, for nfs-utils on s390x, and that test has always failed and can be ignored.

This bug was fixed in the package rpcbind - 0.2.3-0.2ubuntu0.16.04.1

---------------
rpcbind (0.2.3-0.2ubuntu0.16.04.1) xenial; urgency=medium

  * d/rules, d/control:
    - Add dh-autoreconf build-dep and force dh_autoreconf
      to fix FTBFS (LP: #1885389)
  * d/p/lp304393/0001-rpcbind-Disable-remote-calls-by-default.patch,
    d/p/lp304393/0002-rmt-calls.patch,
    d/p/lp304393/0003-change-rmtcalls-default-to-enabled.patch:
    - Allow disabling rmtcalls port binding (LP: #304393)

 -- Dan Streetman <email address hidden> Mon, 10 Aug 2020 11:05:43 -0400