MAAS

maas-cluserd cant bind to tftp port

Bug #1545035 reported by stsp on 2016-02-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	MAAS	Expired	Undecided	Unassigned

Bug Description

maas 1.10.0+bzr4578-0ubuntu2 from xenial proposed.
Cluster controller doesn't start, as it gets EPERM trying to
bind to tftp port. That port is privileged (below 1024), and
as such, the following change is needed in maas-clusterd.service:

--- maas-clusterd.service.old 2016-02-10 07:32:59.000000000 +0300
+++ maas-clusterd.service 2016-02-12 18:06:55.228541581 +0300
@@ -5,8 +5,8 @@
After=network-online.target

[Service]
-User=maas
-Group=maas
+User=root
+Group=root
Restart=always
RestartSec=10s
Environment="LOGFILE=/var/log/maas/clusterd.log"

Revision history for this message

Andres Rodriguez (andreserl) wrote on 2016-02-12:

Hi there,

This is actually not needed. MAAS installs and configures authbind that provides the ability to the MAAS user to bind to the port. Do you have anything else running on that? Can you provide the output of :

/etc/authbind/byuid/<uid>/

Thanks!

Changed in maas:
status:	New → Incomplete

Revision history for this message

stsp (stsp-0) wrote on 2016-02-12:

By what package?
I have /etc/authbind/byuid empty.
Please note that I am using xenial-proposed repo.

Revision history for this message

Andres Rodriguez (andreserl) wrote on 2016-02-12:

maas-cluster-controller package:

You could run this function:

configure_cluster_authbind() {
    MAAS_UID="`id -u maas`"
    if [ ! -f "/etc/authbind/byuid/$MAAS_UID" ]; then
        if [ ! -d "/etc/authbind/byuid" ]; then
            mkdir -p /etc/authbind/byuid
            chmod 755 /etc/authbind
            chmod 755 /etc/authbind/byuid
        fi
    fi
    echo '0.0.0.0/0:68,69' >/etc/authbind/byuid/$MAAS_UID
    echo '::/0,68-69' >>/etc/authbind/byuid/$MAAS_UID
    chown maas:maas /etc/authbind/byuid/$MAAS_UID
    chmod 700 /etc/authbind/byuid/$MAAS_UID
}

Revision history for this message

stsp (stsp-0) wrote on 2016-02-12:

> chmod 700 /etc/authbind/byuid/$MAAS_UID
I guess it should be 600, right?
Thanks for this tip! It helped.
So I am not sure why it isn't created automatically.
I now did:
# dpkg-reconfigure maas-cluster-controller

and its still not there. So I guess the bug is valid.
Please check if it works as expected on xenial-proposed.

Revision history for this message

stsp (stsp-0) wrote on 2016-02-12:

With this change:

--- maas-cluster-controller.postinst.old 2016-02-12 19:59:54.274439649 +0
300
+++ maas-cluster-controller.postinst 2016-02-12 19:58:57.013856830 +0300
@@ -101,6 +101,7 @@
         db_go
     fi
     configure_shared_secret
+ configure_cluster_authbind

elif [ "$1" = "configure" ] && dpkg --compare-versions "$2" gt 0.1+bzr266+dfsg-
0ubuntu1; then
# If we are upgrading from an older version, then we need to obtain

I've got it after reconfigure.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-04-13:

[Expired for MAAS because there has been no activity for 60 days.]

Changed in maas:
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.