not enough daemons port configurable

Bug #1223636 reported by Kees Cook on 2013-09-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sendmail (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned
Saucy
Undecided
Unassigned

Bug Description

#define MAXDAEMONS 10 /* max number of ports to listen to */

This is causing failures when trying to start:

/etc/mail/sendmail.cf: line 285: too many daemons defined (10 max)

I'm running MTA, MSA, and MSASSL daemons on localhost and my primary
interface. With the addition of IPv6, this pushes me to 12 combinations
of listeners.

I suggest raising this seemingly arbitrary limit to much larger.

IMPACT: the default sendmail package is unusable in larger server configurations.

TEST CASE:
- install sendmail-bin
- make sure network interfaces have IPv6 addresses (even link-local)
- update /etc/mail/sendmail.mc to have the following DAEMON_OPTION entries, where host.domain is the local fqdn:
DAEMON_OPTIONS(`Name=MTA, Port=smtp, Family=inet, Address=localhost')
DAEMON_OPTIONS(`Name=MTA, Port=smtp, Family=inet6, Address=::1')
DAEMON_OPTIONS(`Name=MTA, Port=smtp, Family=inet, Address=host.domain')
DAEMON_OPTIONS(`Name=MTA, Port=smtp, Family=inet6, Address=host.domain')
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Name=MSA, M=E, Port=submission, Family=inet, Address=localhost')
DAEMON_OPTIONS(`Name=MSA, M=E, Port=submission, Family=inet6, Address=::1')
DAEMON_OPTIONS(`Name=MSA, M=Ea, Port=submission, Family=inet, Address=host.domain')
DAEMON_OPTIONS(`Name=MSA, M=Ea, Port=submission, Family=inet6, Address=host.domain')
DAEMON_OPTIONS(`Name=MSASSL, M=Eas, Port=smtps, Family=inet, Address=localhost')
DAEMON_OPTIONS(`Name=MSASSL, M=Eas, Port=smtps, Family=inet6, Address=::1')
DAEMON_OPTIONS(`Name=MSASSL, M=Eas, Port=smtps, Family=inet, Address=host.domain')
DAEMON_OPTIONS(`Name=MSASSL, M=Eas, Port=smtps, Family=inet6, Address=host.domain')
- rebuild configuration: cd /etc/mail; make
- observe failure ("too many daemons defined (10 max)")

REGRESSION POTENTIAL: virtually none. The 54 extra array slots uses will use a tiny bit more memory, but if that creates a problem, there are significantly more serious problems happening on the system.

Kees Cook (kees) wrote :

For full IPv6 happiness, this patch makes many more daemon listeners available.

Changed in sendmail (Ubuntu Saucy):
status: New → Fix Released
Kees Cook (kees) wrote :

Saucy fixed with 8.14.4-2.1ubuntu3

Thanks for uploading the fix for this bug report to -proposed. However, when reviewing the package in -proposed and the details of this bug report I noticed that the bug description is missing information required for the SRU process. You can find full details at http://wiki.ubuntu.com/StableReleaseUpdates#Procedure but essentially this bug is missing some of the following: a statement of impact, a test case and details regarding the regression potential. Thanks in advance!

Kees Cook (kees) on 2013-09-19
description: updated

Hello Kees, or anyone else affected,

Accepted sendmail into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/sendmail/8.14.4-2ubuntu2.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in sendmail (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Kees Cook (kees) wrote :

Works for me! Thanks :)

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sendmail - 8.14.4-2ubuntu2.1

---------------
sendmail (8.14.4-2ubuntu2.1) precise-proposed; urgency=low

  * raise-max-daemons.patch: raise the hard-coded limit of the number of
    listening daemons. Without this, IPv6 is hard (LP: #1223636).
  * conf.c-ipv6.patch: fix A-only MX CNAME interface binding issues
    when using IPv6 (LP: #1223633).
 -- Kees Cook <email address hidden> Sat, 07 Sep 2013 09:31:47 -0700

Changed in sendmail (Ubuntu Precise):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for sendmail has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers