100 lines
2.7 KiB
Plaintext
100 lines
2.7 KiB
Plaintext
|
From: Jeff Mahoney <jeffm@suse.com>
|
||
|
Subject: socket-activation: Fix rpcbind.service to use separate sockets
|
||
|
References: bnc#757909
|
||
|
|
||
|
systemd will, by default, pass a socket that provides both IPv4 and
|
||
|
IPv6 services. RPC netconfig requires that sockets be either IPv4
|
||
|
or IPv6.
|
||
|
|
||
|
This patch fixes the rpcbind.socket unit file and adds a warning
|
||
|
to rpcbind should the user encounter an issue.
|
||
|
|
||
|
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
|
||
|
---
|
||
|
|
||
|
src/rpcbind.c | 32 +++++++++++++++++++++++++++++++-
|
||
|
systemd/rpcbind.socket | 9 +++++++--
|
||
|
2 files changed, 38 insertions(+), 3 deletions(-)
|
||
|
|
||
|
--- a/src/rpcbind.c
|
||
|
+++ b/src/rpcbind.c
|
||
|
@@ -50,6 +50,7 @@
|
||
|
#include <sys/file.h>
|
||
|
#include <sys/socket.h>
|
||
|
#include <sys/un.h>
|
||
|
+#include <netinet/in.h>
|
||
|
#include <rpc/rpc.h>
|
||
|
#include <rpc/rpc_com.h>
|
||
|
#ifdef PORTMAP
|
||
|
@@ -262,6 +264,32 @@ main(int argc, char *argv[])
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
+ * Normally systemd will open sockets in dual ipv4/ipv6 mode.
|
||
|
+ * That won't work with netconfig and we'll only match
|
||
|
+ * the ipv6 socket. Convert it to IPV6_V6ONLY and issue
|
||
|
+ * a warning for the user to fix their systemd config.
|
||
|
+ */
|
||
|
+static int
|
||
|
+handle_ipv6_socket(int fd)
|
||
|
+{
|
||
|
+ int opt;
|
||
|
+ socklen_t len = sizeof(opt);
|
||
|
+
|
||
|
+ if (getsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, &len)) {
|
||
|
+ syslog(LOG_ERR, "failed to get ipv6 socket opts: %s",
|
||
|
+ strerror(errno));
|
||
|
+ return 1;
|
||
|
+ }
|
||
|
+
|
||
|
+ if (opt) /* socket is already in V6ONLY mode */
|
||
|
+ return 0;
|
||
|
+
|
||
|
+ syslog(LOG_ERR, "systemd has passed an IPv4/IPv6 dual-mode socket.");
|
||
|
+ syslog(LOG_ERR, "Please fix your systemd config by specifying IPv4 and IPv6 sockets separately and using BindIPv6Only=ipv6-only.");
|
||
|
+ return 1;
|
||
|
+}
|
||
|
+
|
||
|
+/*
|
||
|
* Adds the entry into the rpcbind database.
|
||
|
* If PORTMAP, then for UDP and TCP, it adds the entries for version 2 also
|
||
|
* Returns 0 if succeeds, else fails
|
||
|
@@ -313,7 +341,7 @@ init_transport(struct netconfig *nconf)
|
||
|
#ifdef SYSTEMD
|
||
|
n = sd_listen_fds(0);
|
||
|
if (n < 0) {
|
||
|
- syslog(LOG_ERR, "failed to acquire systemd scokets: %s", strerror(-n));
|
||
|
+ syslog(LOG_ERR, "failed to acquire systemd sockets: %s", strerror(-n));
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
@@ -347,6 +375,9 @@ init_transport(struct netconfig *nconf)
|
||
|
goto error;
|
||
|
}
|
||
|
|
||
|
+ if (sa.sa.sa_family == AF_INET6 && handle_ipv6_socket(fd))
|
||
|
+ goto error;
|
||
|
+
|
||
|
/* Copy the address */
|
||
|
taddr.addr.maxlen = taddr.addr.len = addrlen;
|
||
|
taddr.addr.buf = malloc(addrlen);
|
||
|
--- a/systemd/rpcbind.socket
|
||
|
+++ b/systemd/rpcbind.socket
|
||
|
@@ -5,8 +5,13 @@ Before=rpcbind.target
|
||
|
|
||
|
[Socket]
|
||
|
ListenStream=/var/run/rpcbind.sock
|
||
|
-ListenStream=111
|
||
|
-ListenDatagram=111
|
||
|
+
|
||
|
+# RPC netconfig can't handle ipv6/ipv4 dual sockets
|
||
|
+BindIPv6Only=ipv6-only
|
||
|
+ListenStream=0.0.0.0:111
|
||
|
+ListenDatagram=0.0.0.0:111
|
||
|
+ListenStream=[::]:111
|
||
|
+ListenDatagram=[::]:111
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=sockets.target
|
||
|
|