Unable to bind ietd to specific address and port
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| iscsitarget (Debian) |
Fix Released
|
Unknown
|
||
| iscsitarget (Ubuntu) |
Undecided
|
Unassigned |
Bug Description
It is possible to bind the iscsitarget daemon (ietd) to a specific IP address and port number, but only by using the --address and --port command-line options: there is no way to do so in the configuration file. The /etc/init.
My proposal is to append "-- $IETD_ARGS" to the start-stop-daemon line in ietd_start() (as well as IETD_ARGS= earlier-on), so that it becomes possible to set this variable in /etc/default/
I have made the above changes locally, but now run the risk that if the /etc/init.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: iscsitarget 1.4.20.2-1ubuntu1
ProcVersionSign
Uname: Linux 2.6.38-8-generic x86_64
Architecture: amd64
Date: Sun Oct 9 08:45:49 2011
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: iscsitarget
UpgradeStatus: No upgrade log present (probably fresh install)
JanCeuleers (jan-ceuleers) wrote : | #1 |
security vulnerability: | yes → no |
security vulnerability: | yes → no |
visibility: | private → public |
visibility: | private → public |
Launchpad Janitor (janitor) wrote : | #3 |
Status changed to 'Confirmed' because the bug affects multiple users.
Changed in iscsitarget (Ubuntu): | |
status: | New → Confirmed |
harmscon (harmscon) wrote : | #4 |
I have the same requirement: only bind a specific address.
I took a very similar approach to resolve:
Add the following to /etc/defaults/
## ietd options
# --address: bind to specific interface
ISCSITARGET_
Make the following change to function ietd_start() in /etc/init.
< start-stop-daemon --start --quiet --oknodo --exec $DAEMON -- $ISCSITARGET_
---
> start-stop-daemon --start --exec $DAEMON --quiet --oknodo
I hope this helps.
annunaki2k2 (russell-knighton) wrote : | #5 |
Good solution - simple and effective. I have also needed this in our server environment.
Bump.
Please can we get this added to the next release.
Thanks,
Simon Déziel (sdeziel) wrote : | #6 |
This bug was fixed in Debian with version 1.4.20.3+svn496-1. (commit: http://
Changed in iscsitarget (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in iscsitarget (Debian): | |
status: | Unknown → Fix Released |
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.